Vulnerability Title
N/A
Vulnerability Description
SAP MII allows users to create dashboards through the SSCE (Self Service Composition Environment) and save them as JSP. An attacker can intercept a request to the server, inject malicious JSP code into the request and forward it to the server. When a user holding at least the SAP_XMII Developer role opens the dashboard, the malicious content in the dashboard is executed, leading to remote code execution on the server and thus allowing privilege escalation. The malicious JSP code may contain OS commands through which an attacker can read sensitive files on the server, modify files or even delete server contents, fully compromising the confidentiality, integrity and availability of the server hosting the SAP MII application. In addition, an attacker authenticated as a developer can use the application to upload and execute a file, thereby executing operating system commands and fully compromising the server hosting the application.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Category
N/A
Vulnerability Title
N/A
Vulnerability Description
SAP MII allows users to create dashboards and save them as JSP through the SSCE (Self Service Composition Environment). An attacker can intercept a request to the server, inject malicious JSP code into the request and forward it to the server. When this dashboard is opened by users having at least the SAP_XMII Developer role, malicious content in the dashboard gets executed, leading to remote code execution on the server, which allows privilege escalation. The malicious JSP code can contain certain OS commands, through which an attacker can read sensitive files on the server, modify files or even delete contents on the server, thus compromising the confidentiality, integrity and availability of the server hosting the SAP MII application. Also, an attacker authenticated as a developer can use the application to upload and execute a file, which will permit them to execute operating system commands, completely compromising the server hosting the application.
CVSS Information
N/A
Vulnerability Category
N/A
Vulnerability Title
SAP MII Code Injection Vulnerability
Vulnerability Description
SAP MII is an application from the German company SAP that provides manufacturing operations management functionality. SAP MII has a code injection vulnerability: when a user with the Developer role opens the affected dashboard, the malicious content in the dashboard is executed, leading to remote code execution on the server and thus allowing privilege escalation.
CVSS Information
N/A
Vulnerability Category
Code injection