Vahagn Vardanian

Co-founder and CTO of RedRays

CVE-2019-0351: Remote Code Execution (RCE) in SAP NetWeaver UDDI Server (Services Registry), SAP Security Note 2800779

Description

A Remote Code Execution vulnerability exists in the Services Registry. An attacker can exploit it to inject code into working memory, which the application subsequently executes, potentially taking complete control of the product, including viewing, changing, or deleting data. It can also be used to cause a general fault in the product, causing the product to terminate.

Available fix and Supported packages

  • ESREG-SERVICES | 7.10 | 7.11
  • ESREG-SERVICES | 7.20 | 7.20
  • ESREG-SERVICES | 7.30 | 7.30
  • ESREG-SERVICES | 7.31 | 7.31
  • ESREG-SERVICES | 7.40 | 7.40
  • ESREG-SERVICES | 7.50 | 7.50
  • ES REGISTRY SERVICES 7.10 | SP022 | 000001
  • ES REGISTRY SERVICES 7.10 | SP023 | 000001
  • ES REGISTRY SERVICES 7.10 | SP024 | 000001
  • ES REGISTRY SERVICES 7.10 | SP025 | 000000
  • ES REGISTRY SERVICES 7.11 | SP017 | 000001
  • ES REGISTRY SERVICES 7.11 | SP018 | 000001
  • ES REGISTRY SERVICES 7.11 | SP019 | 000001
  • ES REGISTRY SERVICES 7.11 | SP020 | 000000
  • ES REGISTRY SERVICES 7.20 | SP009 | 000003
  • ES REGISTRY SERVICES 7.30 | SP017 | 000001
  • ES REGISTRY SERVICES 7.30 | SP018 | 000001
  • ES REGISTRY SERVICES 7.30 | SP019 | 000001
  • ES REGISTRY SERVICES 7.30 | SP020 | 000000
  • ES REGISTRY SERVICES 7.31 | SP020 | 000001
  • ES REGISTRY SERVICES 7.31 | SP021 | 000001
  • ES REGISTRY SERVICES 7.31 | SP022 | 000001
  • ES REGISTRY SERVICES 7.31 | SP023 | 000001
  • ES REGISTRY SERVICES 7.31 | SP024 | 000001
  • ES REGISTRY SERVICES 7.31 | SP025 | 000000
  • ES REGISTRY SERVICES 7.31 | SP026 | 000000

Affected component

    BC-ESI-UDDI
    UDDI Server

CVSS

Score: 9.9
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

PoC

Detailed vulnerability information has been added to the RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2800779

TAGS

#RCE
#remote-code-execution
#Services-Registry
#CVE-2019-0351
