漏洞标题
N/A
漏洞描述信息
"SAP商业连接(BC)4.6和4.7中的目录遍历漏洞允许远程攻击者通过fullName参数(1)SAPbc/SAP/chopSAPLog.dsp或(2) invoke/sap.monitor.rfcTrace/deleteSingle来读取或删除任意文件。在宽限期结束后将更新详细信息。请注意:SAP商业连接是webMethods集成服务器的 OEM 版本。webMethods表示,此问题只有在产品安装为根/管理员时才会发生,并且如果攻击者具有通用端口访问权限,则此问题会发生。然而,在文档中,这两种行为都受到谴责。此外,攻击者必须通过其他方式已经获得了管理员权限。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to (1) sapbc/SAP/chopSAPLog.dsp or (2) invoke/sap.monitor.rfcTrace/deleteSingle. Details will be updated after the grace period has ended. NOTE: SAP Business Connector is an OEM version of webMethods Integration Server. webMethods states that this issue can only occur when the product is installed as root/admin, and if the attacker has access to a general purpose port; however, both are discouraged in the documentation. In addition, the attacker must already have acquired administrative privileges through other means.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
SAP Business Connector路径遍历漏洞
漏洞描述信息
SAP Business Connector是SAP公司OEM世界著名的中间件厂商Webmethod的中间件产品,允许SAP系统通过开放的无限制的标准与各种不同的应用环境进行集成。 SAP Business Connector(BC)4.6和4.7版本在处理用户请求时存在目录遍历漏洞。远程攻击者可利用此漏洞在非授权读取或删除系统文件。如果将fullName参数更改为/etc/passwd(URL编码)而不是所浏览的<SAP PATH>/packages/SAP/logs/new_sap.log,用户就会得
CVSS信息
N/A
漏洞类别
路径遍历