-----BEGIN PGP SIGNED MESSAGE-----
Onapsis Security Advisory 2015-013: SAP Business Objects Memory Corruption
1. Impact on Business
By exploiting this vulnerability an unauthenticated attacker could read or
any business-relevant information from the Business Intelligence Platform
render the system unavailable to other users.
Risk Level: High
2. Advisory Information
* Public Release Date: 09/22/2015
* Last Revised: 09/22/2015
* Security Advisory ID: ONAPSIS-2015-013
* Onapsis SVS ID: ONAPSIS-00105
* CVE: N/A
* Researcher: Will Vandevanter
* Vendor Provided CVSS v2: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:C)
* Onapsis CVSS v2: 9 (AV:N/AC:L/Au:N/C:P/I:P/A:C)
* Onapsis CVSS v3: 8.6 (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H)
3. Vulnerability Information
* Vendor: SAP AG
* Affected Components:
* BussinessObjects Edge 4.0
* BussinessObjects BI Platform 4.1
* BOXI 3.1 R3
* Vulnerability Class: Buffer Copy without Checking Size of Input (CWE-120)
* Remotely Exploitable: Yes
* Locally Exploitable: No
* Authentication Required: No
* Original Advisory:
4. Affected Components Description
Business Objects is part of the Business Intelligence platform from SAP.
It has components that provide performance management, planning, reporting,
query and analysis and enterprise information management.
Every Business Objects installation provides a web service to interact with
different platform services.
5. Vulnerability Details
A mishandling of a malformed GIOP packet causes the remote listener to
crash while reading from invalid memory.
Implement SAP Security Note 2001108.
7. Report Timeline
12/23/2013: Onapsis provides vulnerability information to SAP AG.
12/24/2013: SAP AG confirms reception of vulnerability report.
01/14/2014: SAP reports fix is In Process.
05/12/2015: SAP releases SAP Security Note 2001108 fixing the vulnerability.
09/22/2015: Onapsis Releases Security Advisory.
About Onapsis Research Labs
Onapsis Research Labs provides the industry analysis of key security issues
that impact business-critical
systems and applications. Delivering frequent and timely security and
compliance advisories with associated
risk levels, Onapsis Research Labs combine in-depth knowledge and
experience to deliver technical and
business-context with sound security judgment to the broader information
About Onapsis, Inc.
Onapsis gives organizations the adaptive advantage to succeed in securing
by combining technology, research and analytics. Onapsis enables every
security and compliance team an
adaptive approach to focus on the factors that matter most to their
business? critical applications
that house vital data and run business processes including SAP Business
Suite, SAP HANA and SAP Mobile deployments.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Onapsis Research Team
-----END PGP SIGNATURE-----