Skip links
RedRays - Your SAP Security Solution
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

SAP Security on Udemy

Code injection vulnerability in WEBCUIF components, SAP security note 1484128

Description

The F4 functionality in WEBCUIF and CRMUIF contains code which allows to execute arbitrary simple Search Help that was not provided directly by an application by means of a normal V-Getter. If such a Search Help has no built in authorization mechanism (e.g. if it is a DDIC Search Help), the execution will be possible and the data displayed to the originator of the request. However, there is no possibility to change data. Furthermore, such unauthorized display impacts only master data and in very limited cases where there is no possibility to add authorization checks inside the Search Help.

Available fix and Supported packages

  • CRMUIF | 600 | 600
  • WEBCUIF | 700 | 700
  • WEBCUIF | 701 | 701
  • WEBCUIF | 730 | 730
  • CRMUIF 600 | SAPK-60011INCRMUIF |
  • WEBCUIF 700 | SAPK-70009INWEBCUIF |
  • WEBCUIF 701 | SAPK-70103INWEBCUIF |
  • WEBCUIF 730 | SAPK-73001INWEBCUIF |

Affected component

    CA-WUI-UI
    User Interface

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1484128

TAGS

#Search-Help-Execution
#Unauthorized-display-of-data
#backdoor
#injection
#F4
#Search-Help

More to explorer

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series. 

JOIN