PT-2017-14518 · Sap · Sap Kernel
Publicado
2017-12-12
·
Atualizado
2018-01-04
·
CVE-2017-16679
CVSS v3.1
6.1
Média
| Vetor | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SAP KERNEL 32 NUC versions 7.21 through 7.22
SAP KERNEL 32 Unicode versions 7.21 through 7.22
SAP KERNEL 64 NUC versions 7.21 through 7.22
SAP KERNEL 64 Unicode versions 7.21 through 7.22
SAP KERNEL versions 7.21 through 7.52
Description
The issue allows an attacker to redirect users to a malicious site through a URL redirection vulnerability in SAP's Startup Service.
Recommendations
For SAP KERNEL 32 NUC versions 7.21 through 7.22, update to a version outside of this range to resolve the issue.
For SAP KERNEL 32 Unicode versions 7.21 through 7.22, update to a version outside of this range to resolve the issue.
For SAP KERNEL 64 NUC versions 7.21 through 7.22, update to a version outside of this range to resolve the issue.
For SAP KERNEL 64 Unicode versions 7.21 through 7.22, update to a version outside of this range to resolve the issue.
For SAP KERNEL versions 7.21 through 7.52, update to a version outside of this range to resolve the issue.
Correção
Open Redirect
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sap Kernel