PT-2017-14518 · Sap · Sap Kernel
Published
2017-12-12
·
Updated
2018-01-04
·
CVE-2017-16679
CVSS v3.1
6.1
Medium
| Vector | AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
SAP KERNEL 32 NUC versions 7.21 through 7.22
SAP KERNEL 32 Unicode versions 7.21 through 7.22
SAP KERNEL 64 NUC versions 7.21 through 7.22
SAP KERNEL 64 Unicode versions 7.21 through 7.22
SAP KERNEL versions 7.21 through 7.52
Description
The issue allows an attacker to redirect users to a malicious site through a URL redirection vulnerability in SAP's Startup Service.
Recommendations
For SAP KERNEL 32 NUC versions 7.21 through 7.22, update to a version outside of this range to resolve the issue.
For SAP KERNEL 32 Unicode versions 7.21 through 7.22, update to a version outside of this range to resolve the issue.
For SAP KERNEL 64 NUC versions 7.21 through 7.22, update to a version outside of this range to resolve the issue.
For SAP KERNEL 64 Unicode versions 7.21 through 7.22, update to a version outside of this range to resolve the issue.
For SAP KERNEL versions 7.21 through 7.52, update to a version outside of this range to resolve the issue.
Fix
Open Redirect
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Kernel