- Description
- Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to (1) sapbc/SAP/chopSAPLog.dsp or (2) invoke/sap.monitor.rfcTrace/deleteSingle. Details will be updated after the grace period has ended. NOTE: SAP Business Connector is an OEM version of webMethods Integration Server. webMethods states that this issue can only occur when the product is installed as root/admin, and if the attacker has access to a general purpose port; however, both are discouraged in the documentation. In addition, the attacker must already have acquired administrative privileges through other means.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 6.4
- Impact score
- 4.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:P/A:N
- Hype score
- Not currently trending
- Comment
- -
- Impact
- -
- Solution
- -
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:sap:business_connector:4.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE83F111-0035-4740-87A8-02425B9F3A4A"
          },
          {
            "criteria": "cpe:2.3:a:sap:business_connector:4.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C1A6DBC-631B-4FB4-8B10-31F891B23577"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]