Vahagn Vardanian

Co-founder and CTO of RedRays

August 8, 2017
12:00 am

Multiple Security Vulnerabilities in SAP SRM Live Auction Application, SAP security note 2493099

Description

Multiple security vulnerabilities have been discovered in SAP SRM Live Auction Application.

1. Cross-Site Scripting (XSS): Live Auction smoke test application does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

Some well-known impacts of XSS vulnerability are –

non-permanently deface or modify displayed content from a Web site
steal authentication information of the user, such as data relating to his or her current session
impersonate the user and access all information with the same rights as the target user

CVSS Information

CVSS v3 Base Score: 6.1 / 10
CVSS v3 Base Vector:

AV : Attack Vector (Related exploit range)	Network (N)
AC : Attack Complexity (Required attack complexity)	Low (L)
PR : Privileges Required (Level of privileges needed to exploit)	None (N)
UI : User Interaction (Required user participation)	Required (R)
S : Scope (Change in scope due to impact caused to components beyond the vulnerable component)	Changed (C)
C : Impact to Confidentiality	Low (L)
I : Impact to Integrity	Low (L)
A : Impact to Availability	None (N)

SAP provides this CVSS v3 base score as an estimate of the risk posed by the issue reported in this note. This estimate does not take into account your own system configuration or operational environment. It is not intended to replace any risk assessments you are advised to conduct when deciding on the applicability or priority of this SAP security note. For more information, see the FAQ section at https://support.sap.com/securitynotes.

2. Information Disclosure: Under certain conditions Live Auction application allows an attacker to access information which would otherwise be restricted.

Some well-known impacts of Information Disclosure are –

loss of information and system configuration confidentiality
information gathering for further exploits and attacks

CVSS Score: 4.3, NLLN | U | LNN

Available fix and Supported packages

SRM_SERVER | 701 | 701
SRM_SERVER | 702 | 702
SRM_SERVER | 713 | 713
SRM_SERVER | 714 | 714
SAP LACWPS 6.0 NW7.3 | SP000 | 000006

Affected component

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2493099

Vahagn Vardanian

Multiple Security Vulnerabilities in SAP SRM Live Auction Application, SAP security note 2493099

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#&65279-XSS
#stored-XSS
#reflected-XSS
#CSS&65279
#LAC
#Live-Auction
#Information-Disclosure
#&160-Information-Leak

More to explorer

Reproducing CVE-2024-10979: A Step-by-Step Guide

SAP Security Patch Day – November 2024

How the SAP Penetration Testing Process at RedRays Works

Local Privilege Escalation Vulnerability in SAP SAPControl

Vahagn Vardanian

Multiple Security Vulnerabilities in SAP SRM Live Auction Application, SAP security note 2493099

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#&65279-XSS#stored-XSS#reflected-XSS#CSS&65279#LAC#Live-Auction#Information-Disclosure#&160-Information-Leak

More to explorer

Reproducing CVE-2024-10979: A Step-by-Step Guide

SAP Security Patch Day – November 2024

How the SAP Penetration Testing Process at RedRays Works

Local Privilege Escalation Vulnerability in SAP SAPControl

Special offer for SAP Security Udemy course!

$ 9.99

#&65279-XSS
#stored-XSS
#reflected-XSS
#CSS&65279
#LAC
#Live-Auction
#Information-Disclosure
#&160-Information-Leak