Details of VAR-200904-0571

ID

VAR-200904-0571

TITLE

SAP cFolders Multiple Cross-Site Scripting and HTML Injection Vulnerabilities

Trust: 0.6

sources: CNVD: CNVD-2009-2406

DESCRIPTION

cFolders (Collaboration Folders) is SAP's web-based information collaboration sharing application. Cfolders does not properly validate the p_current_role parameter submitted by the col_table_filter.htm and me_ov.htm pages, and a remote attacker can perform a cross-site scripting attack by submitting a malicious request to the above page; in addition, if a malicious LINK field is submitted to the hyp_de_create.htm page or Submitting a file with a malicious file name in the document upload area can also result in infusion and execution of malicious code. SAP cFolders is prone to multiple cross-site scripting and HTML-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. Attacker-supplied HTML or JavaScript code could run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials and to control how the site is rendered to the user; other attacks are also possible

Trust: 0.99

sources: CNVD: CNVD-2009-2406 // BID: 34658 // IVD: 1ea57e7a-1fcd-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 0.8

sources: IVD: 1ea57e7a-1fcd-11e6-abef-000c29c66e3d // CNVD: CNVD-2009-2406

AFFECTED PRODUCTS

vendor:	sap	model:	netweaver business client	scope:	eq	version:	0	Trust: 0.8
vendor:	sap	model:	cfolders	scope:	eq	version:	0	Trust: 0.3

sources: IVD: 1ea57e7a-1fcd-11e6-abef-000c29c66e3d // CNVD: CNVD-2009-2406 // BID: 34658

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD:	CNVD-2009-2406
value:	MEDIUM
Trust: 0.6
IVD:	1ea57e7a-1fcd-11e6-abef-000c29c66e3d
value:	MEDIUM
Trust: 0.2

CNVD:	CNVD-2009-2406
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
IVD:	1ea57e7a-1fcd-11e6-abef-000c29c66e3d
severity:	MEDIUM
baseScore:	6.4
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	4.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2

sources: IVD: 1ea57e7a-1fcd-11e6-abef-000c29c66e3d // CNVD: CNVD-2009-2406

THREAT TYPE

network

Trust: 0.3

sources: BID: 34658

TYPE

Input Validation Error

Trust: 0.3

sources: BID: 34658

PATCH

title:

SAP cFolders patch for multiple cross-site scripting and HTML injection vulnerabilities

url:

https://www.cnvd.org.cn/patchinfo/show/35908

Trust: 0.6

sources: CNVD: CNVD-2009-2406

EXTERNAL IDS

db:	BID	id:	34658	Trust: 0.9
db:	CNVD	id:	CNVD-2009-2406	Trust: 0.8
db:	IVD	id:	1EA57E7A-1FCD-11E6-ABEF-000C29C66E3D	Trust: 0.2

sources: IVD: 1ea57e7a-1fcd-11e6-abef-000c29c66e3d // CNVD: CNVD-2009-2406 // BID: 34658

REFERENCES

url:	http://marc.info/?l=bugtraq&m=124041179530819&w=2	Trust: 0.6
url:	http://dsecrg.com/pages/vul/show.php?id=114	Trust: 0.3
url:	http://dsecrg.com/pages/vul/show.php?id=121	Trust: 0.3
url:	/archive/1/502869	Trust: 0.3
url:	msg://bugtraq/1836595297.20090422034605@dsecrg.com	Trust: 0.3
url:	https://service.sap.com/sap/support/notes/1284360	Trust: 0.3
url:	https://service.sap.com/sap/support/notes/1292875	Trust: 0.3

sources: CNVD: CNVD-2009-2406 // BID: 34658

CREDITS

Digital Security Research Group

Trust: 0.3

sources: BID: 34658

SOURCES

db:	IVD	id:	1ea57e7a-1fcd-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2009-2406
db:	BID	id:	34658

LAST UPDATE DATE

2022-05-17T01:53:44.328000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2009-2406	date:	2009-04-21T00:00:00
db:	BID	id:	34658	date:	2009-04-22T17:26:00

SOURCES RELEASE DATE

db:	IVD	id:	1ea57e7a-1fcd-11e6-abef-000c29c66e3d	date:	2009-04-21T00:00:00
db:	CNVD	id:	CNVD-2009-2406	date:	2009-04-21T00:00:00
db:	BID	id:	34658	date:	2009-04-21T00:00:00