SAProuter Remote Authentication Bypass (Note 1853140)

medium Nessus Plugin ID 72263

Language:

Synopsis

The remote application is susceptible to an authentication bypass attack.

Description

The remote host has a version of SAProuter that is affected by an authentication bypass vulnerability. When started with the '-X' flag, SAProuter permits routing to itself given a 'saprouttab' that allows access to its port. An unauthenticated, remote attacker can issue commands to SAProuter.

Solution

Restart SAProuter without '-X' and review the permissions in 'saprouttab'.

See Also

https://service.sap.com/sap/support/notes/1853140

http://www.nessus.org/u?6db5b37c

Plugin Details

Severity: Medium

ID: 72263

File Name: sap_router_note1853140.nasl

Version: 1.8

Type: remote

Family: General

Published: 2/3/2014

Updated: 4/11/2022

Configuration: Enable thorough checks

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Temporal Vector: E:POC/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:sap:network_interface_router

Required KB Items: Services/sap_router

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 11/12/2013

Reference Information

CVE: CVE-2013-7093

BID: 64230