Rewterz Threat Advisory – Multiple Intel Products and Processors
March 9, 2022Rewterz Threat Advisory – Citrix Federated Authentication Service Vulnerability
March 9, 2022Rewterz Threat Advisory – Multiple Intel Products and Processors
March 9, 2022Rewterz Threat Advisory – Citrix Federated Authentication Service Vulnerability
March 9, 2022Severity
Medium
Analysis Summary
CVE-2022-26104
SAP Financial Consolidation could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation for updating homepage messages. By sending a specially-crafted request, an attacker could exploit this vulnerability to alter the maintenance system message.
CVE-2022-26103
SAP NetWeaver AS JAVA could allow a remote attacker to obtain sensitive information, caused by improper access control. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2022-26102
SAP NetWeaver Application Server for ABAP could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to access content on the start screen and manipulate data before the start screen is executed.
CVE-2022-26101
SAP Fiori launchpad is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-26100
SAP SAPCAR is vulnerable to a denial of service, caused by improper input validation. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause SAPCAR process to crash, and obtain privileged access to the system.
CVE-2022-24399
SAP Focused Run is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the REST service. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-24398
SAP Business Objects Business Intelligence Platform could allow a remote authenticated attacker to obtain sensitive information, caused by improper access control. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2022-24396
SAP Focused Run could allow a local attacker to gain elevated privileges on the system, caused by improper authentication validation. By sending a specially-crafted request, an attacker could exploit this vulnerability to gain access to administrative or other privileged functionalities and read, modify, or delete sensitive information and configurations.
CVE-2022-24395
SAP NetWeaver Enterprise Portal is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-22547
SAP Focused Run could allow a remote attacker to obtain sensitive information, caused by improper access control. By sending a specially-crafted request via random port 9000-65535, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Security Bypass
- Information Disclosure
- Cross-site Scripting
- Denial of Service
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2022-26104
- CVE-2022-26103
- CVE-2022-26102
- CVE-2022-26101
- CVE-2022-26100
- CVE-2022-24399
- CVE-2022-24398
- CVE-2022-24396
- CVE-2022-24395
- CVE-2022-22547
Affected Vendors
SAP
Affected Products
- SAP Financial Consolidation 10.1
- SAP NetWeaver AS Java 7.50
- SAP NetWeaver AS for ABAP 731
- SAP NetWeaver AS for ABAP 700
- SAP NetWeaver AS for ABAP 702
- SAP NetWeaver AS for ABAP 701
- SAP Fiori Launchpad 754
- SAP Fiori Launchpad 755
- SAP Fiori Launchpad 756
- SAP SAPCAR 7.22
- SAP Focused RUN 200
- SAP Focused RUN 300
- SAP Business Objects Business Intelligence Platform 4.20
- SAP Business Objects Business Intelligence Platform 4.30
- SAP Focused Run
- SAP NetWeaver Enterprise Portal 7.11
- SAP NetWeaver Enterprise Portal 7.20
- SAP NetWeaver Enterprise Portal 7.30
- SAP NetWeaver Enterprise Portal 7.31
Remediation
Refer to SAP security advisory for patch information, available from the SAP Web site (Login required).
CVE-2022-26104
CVE-2022-26103
CVE-2022-26102
CVE-2022-26101
CVE-2022-26100
CVE-2022-24399
CVE-2022-24398
CVE-2022-24396
CVE-2022-24395
CVE-2022-22547