Description
An administrator of SAP NetWeaver Application Server Java may change privileges for all or some functions in Java Server, and enables users to execute functions, they are not allowed to execute otherwise.
Appropriate Enterprise Java Beans (EJBs), which are remotely called via deprecated JCo RFC Provider service, are executed in a thread context with inherited AS Java permissions from the administrator user, who manually started or restarted some JCo RFC Provider Destination.
Available fix and Supported packages
- J2EE-FRMW | 7.10 | 7.11
- J2EE-FRMW | 7.20 | 7.20
- J2EE-FRMW | 7.30 | 7.30
- J2EE-FRMW | 7.31 | 7.31
- J2EE-FRMW | 7.40 | 7.40
- J2EE-FRMW | 7.50 | 7.50
- J2EE ENGINE FRAMEWORK 7.10 | SP023 | 000001
- J2EE ENGINE FRAMEWORK 7.10 | SP024 | 000001
- J2EE ENGINE FRAMEWORK 7.10 | SP025 | 000000
- J2EE ENGINE FRAMEWORK 7.11 | SP018 | 000001
- J2EE ENGINE FRAMEWORK 7.11 | SP019 | 000001
- J2EE ENGINE FRAMEWORK 7.11 | SP020 | 000000
- J2EE ENGINE FRAMEWORK 7.20 | SP009 | 000050
- J2EE ENGINE FRAMEWORK 7.30 | SP018 | 000006
- J2EE ENGINE FRAMEWORK 7.30 | SP019 | 000004
- J2EE ENGINE FRAMEWORK 7.30 | SP020 | 000000
- J2EE ENGINE FRAMEWORK 7.30 | SP021 | 000000
- J2EE ENGINE FRAMEWORK 7.31 | SP021 | 000007
- J2EE ENGINE FRAMEWORK 7.31 | SP022 | 000008
- J2EE ENGINE FRAMEWORK 7.31 | SP023 | 000004
- J2EE ENGINE FRAMEWORK 7.31 | SP024 | 000003
- J2EE ENGINE FRAMEWORK 7.31 | SP025 | 000003
- J2EE ENGINE FRAMEWORK 7.31 | SP026 | 000000
- J2EE ENGINE FRAMEWORK 7.31 | SP027 | 000000
- J2EE ENGINE FRAMEWORK 7.40 | SP016 | 000007
- J2EE ENGINE FRAMEWORK 7.40 | SP017 | 000008
Affected component
- BC-MID-CON-JCO
Java-Connector
CVSS
Score: 5.9
CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:H
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2814357
