SAP BASIS Report for Terminology Export OS Command Injection Vulnerability
BID:104435
Info
SAP BASIS Report for Terminology Export OS Command Injection Vulnerability
| Bugtraq ID: | 104435 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 12 2018 12:00AM |
| Updated: | Jun 12 2018 12:00AM |
| Credit: | SAP |
| Vulnerable: |
SAP Basis 7.66 SAP Basis 7.65 SAP Basis 7.51 SAP Basis 7.50 SAP Basis 7.40 SAP Basis 7.31 |
| Not Vulnerable: | |
Discussion
SAP BASIS Report for Terminology Export OS Command Injection Vulnerability
SAP BASIS is prone to an OS command-injection vulnerability because it fails to properly sanitize user-supplied input.
An attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks.
SAP BASIS is prone to an OS command-injection vulnerability because it fails to properly sanitize user-supplied input.
An attacker may exploit this issue to inject and execute arbitrary commands within the context of the affected application; this may aid in further attacks.
Exploit / POC
SAP BASIS Report for Terminology Export OS Command Injection Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
SAP BASIS Report for Terminology Export OS Command Injection Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
SAP BASIS Report for Terminology Export OS Command Injection Vulnerability
References:
References:
- SAP Homepage (SAP)
- SAP Security Note 2357141 (SAP)
- SAP Security Patch Day �?? June 2018 (SAP)