Mass Disclosure of Vulnerabilities in SAP

Tuesday, November 22, 2011

Alexander Polyakov


Mass Disclosure of Vulnerabilities in SAP from ERPScan Specialists

This month ERPScan specialists published eight vulnerabilities of varying criticality found in SAP products.

The vulnerabilities cover almost the full range of risks in the OWASP Top 10, from path traversal and cross-site scripting (XSS) to authorization bypass and code injection; details were published on the ERPScan.com site.

Every month we publish information about vulnerabilities found in SAP products by our specialists, but this was a really productive month.

We have to say that SAP has increased the rate at which it responds to vulnerabilities reported by third-party researchers. They are now much faster at delivering fixes for these vulnerabilities, which makes the platform more secure.

However, there is still a major problem: administrators are often unaware of the fixes, and installing SAP updates is complex.

As a result, according to our surveys, a large number of SAP systems, including ones reachable from the Internet, still contain vulnerabilities that SAP has already patched.

"These companies can be very easy targets for attackers," said Alexander Polyakov, the CTO of ERPScan.

Details of the vulnerabilities can be found here:


The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.
