VDB-92545 · CVE-2016-7435 · BID 93272

SAP NetWeaver 7.40 SP12 SCTC_REORG_SPOOL access control

A vulnerability was found in SAP NetWeaver 7.40 SP12 (Solution Stack Software) and has been declared critical. It affects the function SCTC_REORG_SPOOL. Applying a patch eliminates the problem. A possible mitigation was published before, not just after, the disclosure of the vulnerability.

| Field | 05/07/2019 04:47 PM | 09/22/2022 07:01 PM | 09/22/2022 07:08 PM |
|---|---|---|---|
| type | Solution Stack Software | Solution Stack Software | Solution Stack Software |
| vendor | SAP | SAP | SAP |
| name | NetWeaver | NetWeaver | NetWeaver |
| version | 7.40 SP12 | 7.40 SP12 | 7.40 SP12 |
| function | SCTC_REORG_SPOOL | SCTC_REORG_SPOOL | SCTC_REORG_SPOOL |
| vendorinformdate | 1448496000 | 1448496000 | 1448496000 |
| risk | 2 | 2 | 2 |
| historic | 0 | 0 | 0 |
| cvss2_vuldb_basescore | 8.7 | 8.7 | 8.7 |
| cvss2_vuldb_tempscore | 7.6 | 7.6 | 7.6 |
| cvss2_vuldb_av | N | N | N |
| cvss2_vuldb_ac | L | L | L |
| cvss2_vuldb_au | S | S | S |
| cvss2_vuldb_ci | P | P | P |
| cvss2_vuldb_ii | C | C | C |
| cvss2_vuldb_ai | C | C | C |
| cvss2_nvd_av | N | N | N |
| cvss2_nvd_ac | L | L | L |
| cvss2_nvd_au | S | S | S |
| cvss2_nvd_ci | C | C | C |
| cvss2_nvd_ii | C | C | C |
| cvss2_nvd_ai | C | C | C |
| cvss3_meta_basescore | 9.1 | 9.1 | 9.1 |
| cvss3_meta_tempscore | 8.7 | 8.9 | 8.9 |
| cvss3_vuldb_basescore | 9.1 | 9.1 | 9.1 |
| cvss3_vuldb_tempscore | 8.7 | 8.7 | 8.7 |
| cvss3_nvd_av | N | N | N |
| cvss3_nvd_ac | L | L | L |
| cvss3_nvd_pr | H | H | H |
| cvss3_nvd_ui | N | N | N |
| cvss3_nvd_s | C | C | C |
| cvss3_nvd_c | H | H | H |
| cvss3_nvd_i | H | H | H |
| cvss3_nvd_a | H | H | H |
| date | 1476144000 (10/11/2016) | 1476144000 (10/11/2016) | 1476144000 (10/11/2016) |
| location | Full-Disclosure | Full-Disclosure | Full-Disclosure |
| type | Mailinglist Post | Mailinglist Post | Mailinglist Post |
| url | http://seclists.org/fulldisclosure/2016/Oct/50 | http://seclists.org/fulldisclosure/2016/Oct/50 | http://seclists.org/fulldisclosure/2016/Oct/50 |
| coordination | 1 | 1 | 1 |
| person_name | Pablo Artuso | Pablo Artuso | Pablo Artuso |
| reaction_date | 1448582400 (11/27/2015) | 1448582400 (11/27/2015) | 1448582400 (11/27/2015) |
| disputed | 0 | 0 | 0 |
| price_0day | $5k-$25k | $5k-$25k | $5k-$25k |
| name | Patch | Patch | Patch |
| date | 1470182400 (08/03/2016) | 1470182400 (08/03/2016) | 1470182400 (08/03/2016) |
| cve | CVE-2016-7435 | CVE-2016-7435 | CVE-2016-7435 |
| cve_assigned | 1473379200 (09/09/2016) | 1473379200 (09/09/2016) | 1473379200 (09/09/2016) |
| securityfocus_title | SAP Netweaver CVE-2016-7435 Multiple OS Command Injection Vulnerabilities | SAP Netweaver CVE-2016-7435 Multiple OS Command Injection Vulnerabilities | SAP Netweaver CVE-2016-7435 Multiple OS Command Injection Vulnerabilities |
| seealso | 92291 92293 92294 92541 92542 92543 92544 92546 | 92291 92293 92294 92541 92542 92543 92544 92546 | 92291 92293 92294 92541 92542 92543 92544 92546 |
| cvss2_vuldb_e | ND | ND | ND |
| cvss2_vuldb_rl | OF | OF | OF |
| cvss2_vuldb_rc | C | C | C |
| cvss3_vuldb_e | X | X | X |
| cvss3_vuldb_rl | O | O | O |
| cvss3_vuldb_rc | C | C | C |
| reaction_days | 251 | 251 | 251 |
| 0day_days | 251 | 251 | 251 |
| cvss3_nvd_basescore | 9.1 | 9.1 | 9.1 |
| cwe | 264 (access control) | 264 (access control) | 264 (access control) |
| cvss3_vuldb_av | N | N | N |
| cvss3_vuldb_ac | L | L | L |
| cvss3_vuldb_pr | H | H | H |
| cvss3_vuldb_ui | N | N | N |
| cvss3_vuldb_s | C | C | C |
| cvss3_vuldb_c | H | H | H |
| cvss3_vuldb_i | H | H | H |
| cvss3_vuldb_a | H | H | H |
| company_name | Onapsis | Onapsis | Onapsis |
| cve_nvd_published | 1475625600 | 1475625600 | 1475625600 |
| securityfocus | 93272 | 93272 | 93272 |
| securityfocus_date | 1475452800 (10/03/2016) | 1475452800 (10/03/2016) | 1475452800 (10/03/2016) |
| securityfocus_class | Input Validation Error | Input Validation Error | Input Validation Error |
| cve_nvd_summary | | The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL 'SYSTEM' statement, aka SAP Security Note 2260344. | The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL 'SYSTEM' statement, aka SAP Security Note 2260344. |
| cvss2_nvd_basescore | | 9.0 | 9.0 |