SAP Gateway 10Kblaze Remote Code Execution Vulnerability.

Nessus Plugin ID 126003 (severity: Critical)

Synopsis

The remote SAP Gateway is susceptible to remote code execution.

Description

A remote code execution vulnerability exists in the remote SAP Gateway because it accepts connections from arbitrary, non-SAP hosts and allows them to start OS-level programs on the SAP application server. An unauthenticated, remote attacker can exploit this to run arbitrary OS commands on the server, gaining access to the system or reading and writing sensitive information.

Solution

Restrict access to the Gateway with properly configured secinfo and reginfo access control lists (and an enforcing gw/acl_mode), so that only known SAP instances and explicitly named programs are permitted. Refer to the US-CERT advisory AA19-122A and the vendor's Gateway security documentation for guidance on mitigation.
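As an added example (not code from the Nessus plugin or from SAP), the following Python script audits a Gateway's secinfo and reginfo access control lists for the wildcard permit entries that turn this misconfiguration into unauthenticated remote code execution. It assumes SAP's documented VERSION=2 ACL syntax; the sample ACL contents are constructed, and the severity labels and the trailing deny-all check are conventions of this example rather than SAP's.

```python
"""Audit SAP Gateway secinfo/reginfo ACL files for the permissive entries that
let any host start programs or register RFC servers through the gateway.

Added example, not part of the Nessus plugin or of SAP's tooling. Assumes
SAP's VERSION=2 ACL syntax:
  secinfo:  P|D TP=<program> USER=<user> HOST=<host> USER-HOST=<host>
  reginfo:  P|D TP=<program id> HOST=<host> ACCESS=<hosts> CANCEL=<hosts>
All sample ACL contents below are constructed for this example.
"""
from dataclasses import dataclass

# Constructed sample: any host may start any program (the critical case).
SECINFO_PERMISSIVE = """#VERSION=2
P TP=* USER=* HOST=* USER-HOST=*
"""

# Constructed sample: hardened secinfo. Named programs only, only from the
# local/internal hosts, closed by an explicit deny-all line.
SECINFO_HARDENED = """#VERSION=2
P TP=/usr/sap/TST/SYS/exe/run/saphostexec USER=tstadm HOST=local USER-HOST=local
P TP=/usr/sap/TST/SYS/exe/run/sapxpg USER=* HOST=internal USER-HOST=internal
D TP=* USER=* HOST=* USER-HOST=*
"""

# Constructed sample: reginfo allowing any host to register any RFC server.
REGINFO_PERMISSIVE = """#VERSION=2
P TP=* HOST=* ACCESS=* CANCEL=*
D TP=* HOST=*
"""


@dataclass
class Rule:
    kind: str        # "secinfo" or "reginfo"
    action: str      # "P" permit or "D" deny
    fields: dict     # key/value pairs, keys upper-cased
    line_no: int
    raw: str


@dataclass
class Finding:
    severity: str    # CRITICAL / HIGH / MEDIUM / INFO (this example's scale)
    kind: str
    line_no: int
    message: str
    raw: str


def parse_acl(text: str, kind: str) -> list[Rule]:
    """Parse one ACL file body; comment (#) and blank lines are skipped."""
    rules = []
    for n, line in enumerate(text.splitlines(), 1):
        s = line.strip()
        if not s or s.startswith("#"):
            continue
        action, *tokens = s.split()
        if action not in ("P", "D"):
            raise ValueError(f"{kind} line {n}: unknown action {action!r}")
        fields = {}
        for tok in tokens:
            key, sep, value = tok.partition("=")
            if not sep:
                raise ValueError(f"{kind} line {n}: malformed token {tok!r}")
            fields[key.upper()] = value
        rules.append(Rule(kind, action, fields, n, s))
    return rules


def unrestricted(value) -> bool:
    # A bare "*" matches everything. A missing field is treated as
    # unrestricted here, a conservative assumption of this example.
    return value is None or value == "*"


def audit(rules: list[Rule], kind: str) -> list[Finding]:
    """Flag permit rules that open the gateway to arbitrary hosts/programs."""
    verb = "start an OS program" if kind == "secinfo" else "register an RFC server"
    findings = []
    for r in rules:
        if r.action != "P":
            continue
        tp, host = r.fields.get("TP"), r.fields.get("HOST")
        if unrestricted(tp) and unrestricted(host):
            findings.append(Finding("CRITICAL", kind, r.line_no,
                                    f"any host may {verb} with any TP", r.raw))
        elif unrestricted(host):
            findings.append(Finding("HIGH", kind, r.line_no,
                                    f"any host may {verb} with TP={tp}", r.raw))
        elif unrestricted(tp):
            findings.append(Finding("MEDIUM", kind, r.line_no,
                                    f"HOST={host} may {verb} with any TP", r.raw))
        # reginfo ACCESS lists which hosts may use a registered server; "*"
        # hands a host-restricted registration to every client.
        if kind == "reginfo" and not unrestricted(host) and unrestricted(r.fields.get("ACCESS")):
            findings.append(Finding("MEDIUM", kind, r.line_no,
                                    f"server registered by HOST={host} is usable from any host", r.raw))
    last = rules[-1] if rules else None
    if not (last and last.action == "D" and unrestricted(last.fields.get("TP"))
            and unrestricted(last.fields.get("HOST"))):
        findings.append(Finding("INFO", kind, last.line_no if last else 0,
                                "file does not end with an explicit deny-all rule",
                                last.raw if last else ""))
    return findings


def audit_text(text: str, kind: str) -> list[Finding]:
    return audit(parse_acl(text, kind), kind)


if __name__ == "__main__":
    samples = [("secinfo (permissive)", SECINFO_PERMISSIVE, "secinfo"),
               ("secinfo (hardened)", SECINFO_HARDENED, "secinfo"),
               ("reginfo (permissive)", REGINFO_PERMISSIVE, "reginfo")]
    for name, text, kind in samples:
        print(f"== {name} ==")
        for f in audit_text(text, kind) or []:
            print(f"  [{f.severity}] line {f.line_no}: {f.message}  ({f.raw})")
```

To run this against a live system, read the files named by the gw/sec_info and gw/reg_info profile parameters and pass their contents to audit_text with the matching kind; the wildcard permit it flags as CRITICAL is exactly the configuration the plugin reports.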

See Also

https://www.us-cert.gov/ncas/alerts/AA19-122A

Plugin Details

Severity: Critical

ID: 126003

File Name: sap_gw_rce_detect.nbin

Version: 1.30

Type: remote

Family: General

Published: 6/19/2019

Updated: 8/15/2022

Asset Inventory: true

Risk Information

CVSS Score Rationale: Score based on a typical remote code execution vulnerability.

CVSS v2

Risk Factor: High

Base Score: 9.7

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:P

CVSS Score Source: manual

CVSS v3

Risk Factor: Critical

Base Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L

Vulnerability Information

CPE: cpe:/a:sap:gateway

Exploited by Nessus: true

Vulnerability Publication Date: 5/2/2019