NVD Vulnerability Detail

CVE-2016-7435

Summary	The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL 'SYSTEM' statement, aka SAP Security Note 2260344.
Publication Date	Oct. 6, 2016, 1:59 a.m.
Registration Date	Jan. 26, 2021, 2:17 p.m.
Last Update	Nov. 21, 2024, 11:58 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:sap:netweaver:7.40:sp12::::::

Related information, measures and tools

No	URL	タグ
1	http://seclists.org/fulldisclosure/2016/Oct/0	Mailing List Third Party Advisory
2	http://seclists.org/fulldisclosure/2016/Oct/0	Mailing List Third Party Advisory
3	http://seclists.org/fulldisclosure/2016/Oct/1	Mailing List Third Party Advisory
4	http://seclists.org/fulldisclosure/2016/Oct/1	Mailing List Third Party Advisory
5	http://seclists.org/fulldisclosure/2016/Oct/2	Mailing List Third Party Advisory
6	http://seclists.org/fulldisclosure/2016/Oct/2	Mailing List Third Party Advisory
7	http://www.securityfocus.com/bid/93272
8	http://www.securityfocus.com/bid/93272
9	https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016	Third Party Advisory
10	https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016	Third Party Advisory
11	https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv	Third Party Advisory
12	https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv	Third Party Advisory
13	https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp	Third Party Advisory
14	https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp	Third Party Advisory
15	https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog	Third Party Advisory
16	https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog	Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-264	認可・権限・アクセス制御	https://cwe.mitre.org/data/definitions/264.html

JVN Vulnerability Information

SAP Netweaver の SCTC サブパッケージの複数の関数における任意のコマンドを実行される脆弱性

Title	SAP Netweaver の SCTC サブパッケージの複数の関数における任意のコマンドを実行される脆弱性
Summary	SAP Netweaver の SCTC サブパッケージの (1) SCTC_REFRESH_EXPORT_TAB_COMP、(2) SCTC_REFRESH_CHECK_ENV、および (3) SCTC_TMS_MAINTAIN_ALOG 関数には、任意のコマンドを実行される脆弱性が存在します。ベンダは、本脆弱性を SAP Security Note 2260344 として公開しています。
Possible impacts	特定のパーミッションを持つリモート認証されたユーザにより、CALL 'SYSTEM' ステートメントに関する問題によって、任意のコマンドを実行される可能性があります。
Solution	ベンダ情報および参考情報を参照して適切な対策を実施してください。
Publication Date	March 8, 2016, midnight
Registration Date	Oct. 13, 2016, 11:34 a.m.
Last Update	Oct. 13, 2016, 11:34 a.m.

Affected System

SAP

SAP NetWeaver 7.40 SP 12

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2016-7435	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7435
National Vulnerability Database (NVD)
2	CVE-2016-7435	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7435

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-264	https://jvndb.jvn.jp/ja/cwe/CWE-264.html

ベンダー情報

No	Name	URL
Acknowledgments to Security Researchers
1	SAP Security Note 2260344	http://scn.sap.com/docs/DOC-55451

その他

No	Name	URL
関連文書
1	Analyzing SAP Security Notes March 2016 (2260344)	https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016
2	Onapsis Security Advisory ONAPSIS-2016-041: SAP OS Command Injection in SCTC_REFRESH_EXPORT_TAB_COMP	http://seclists.org/fulldisclosure/2016/Oct/0
3	Onapsis Security Advisory ONAPSIS-2016-042: SAP OS Command Injection in SCTC_REFRESH_CHECK_ENV	http://seclists.org/fulldisclosure/2016/Oct/2
4	Onapsis Security Advisory ONAPSIS-2016-043: SAP OS Command Injection in SCTC_TMS_MAINTAIN_ALOG	http://seclists.org/fulldisclosure/2016/Oct/1

Change Log

No	Changed Details	Date of change
0	[2016年10月13日] 掲載	Feb. 17, 2018, 10:37 a.m.