CVE-2021-33701

Published: Sep 15, 2021Modified: Nov 21, 2024

9.1

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Exploitability: 2.3 / Impact: 6.0

Source: NVD

Description

DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 710, 2011_1_731, 710, 2011_1_752, 2020, SAPSCORE 125, S4CORE 102, 102, 103, 104, 105, allows an attacker with access to highly privileged account to execute manipulated query in NDZT tool to gain access to Superuser account, leading to SQL Injection vulnerability, that highly impacts systems Confidentiality, Integrity and Availability.

Affected (14)

Products: Sap: Dmis, S4core, Sapscore

3 products

Configuration A

14 vulnerable

Vulnerable Software	Affected Versions
Sap Dmis	Version 2011_1_620
Sap Dmis	Version 2011_1_640
Sap Dmis	Version 2011_1_700
Sap Dmis	Version 2011_1_710
Sap Dmis	Version 2011_1_730
Sap Dmis	Version 2011_1_731
Sap Dmis	Version 2011_1_752
Sap Dmis	Version 2020125
Sap Dmis	Version 710
Sap S4core	Version 102
Sap S4core	Version 103
Sap S4core	Version 104
Sap S4core	Version 105
Sap Sapscore	Version 125

Related CWEs

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

References (12)

http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html

Source: cna@sap.com

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html

Source: cna@sap.com

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2021/Dec/35

Source: cna@sap.com

ExploitMailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2021/Dec/36

Source: cna@sap.com

ExploitMailing ListThird Party Advisory

https://launchpad.support.sap.com/#/notes/3078312

Source: cna@sap.com

Permissions RequiredVDB EntryVendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806

Source: cna@sap.com

Vendor Advisory

http://packetstormsecurity.com/files/165303/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-SQL-Injection.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/165304/SAP-Netweaver-IUUC_RECON_RC_COUNT_TABLE_BIG-ABAP-Code-Injection.html

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party AdvisoryVDB Entry

http://seclists.org/fulldisclosure/2021/Dec/35

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party Advisory

http://seclists.org/fulldisclosure/2021/Dec/36

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitMailing ListThird Party Advisory

https://launchpad.support.sap.com/#/notes/3078312

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredVDB EntryVendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.