Rewterz Threat Advisory – Multiple SAP Products Vulnerabilities

February 16, 2024

Severity

Medium

Analysis Summary

CVE-2024-21734 CVSS: 4.4

SAP Marketing could allow a remote authenticated attacker to conduct phishing attacks, caused by an open redirect vulnerability. An attacker could exploit this vulnerability using a specially crafted URL to redirect a victim to arbitrary Web sites.

CVE-2024-21735 CVSS: 7.3

SAP LT Replication Server could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper authorization validation. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.

CVE-2024-21736 CVSS: 6.4

SAP S/4HANA Finance could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to create in-house bank accounts.

CVE-2024-21738 CVSS: 4.1

SAP NetWeaver ABAP Application Server and ABAP Platform is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2024-22124 CVSS: 4.1

SAP NetWeaver could allow a local authenticated attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2024-22125 CVSS: 7.4

SAP Microsoft Edge browser extension could allow a remote attacker to obtain sensitive information, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.

CVE-2024-21737 CVSS: 7.6

SAP Application Interface Framework could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a code injection flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2024-22129 CVSS: 5.4

SAP Companion is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability using a specially crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.

CVE-2024-25642 CVSS: 7.4

SAP is vulnerable to a man-in-the-middle attack, caused by improper validation of certificate . An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system.

CVE-2024-22132 CVSS: 7.4

SAP IDES Systems could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a command injection flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.