PT-2015-6234 · Sap+1 · Sap Afaria+1

Russ Spooner

Published

2015-07-16

Updated

2016-12-06

CVE-2015-3449

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SAP Afaria version 7.0.6398.0

Description The issue concerns weak permissions set for the install folder of the Windows client in SAP Afaria, allowing local users to escalate privileges. This can be achieved by exploiting the weak permissions (Everyone: read and Everyone: write) through a Trojan horse XeService.exe file.

Recommendations For SAP Afaria version 7.0.6398.0, consider restricting access to the install folder to prevent local users from exploiting the weak permissions until a fix is available. As a temporary workaround, restrict write access to the XeService.exe file to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-254

Related Identifiers

CVE-2015-3449

Affected Products

Sap Afaria

Windows

PT-2015-6234 · Sap+1 · Sap Afaria+1

CVE-2015-3449

Weakness Enumeration

Related Identifiers

Affected Products

References · 5