CVE-2016-7435

Description

The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL 'SYSTEM' statement, aka SAP Security Note 2260344.

References

Link	Tags
http://seclists.org/fulldisclosure/2016/Oct/1	third party advisory mailing list
http://seclists.org/fulldisclosure/2016/Oct/0	third party advisory mailing list
https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshcheckenv	third party advisory
https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctcrefreshexporttabcomp	third party advisory
https://www.onapsis.com/research/security-advisories/sap-os-command-injection-sctctmsmaintainalog	third party advisory
http://www.securityfocus.com/bid/93272	vdb entry
http://seclists.org/fulldisclosure/2016/Oct/2	third party advisory mailing list
https://www.onapsis.com/blog/analyzing-sap-security-notes-march-2016	third party advisory

Frequently Asked Questions

What is the severity of CVE-2016-7435?: CVE-2016-7435 has been scored as a critical severity vulnerability.
How to fix CVE-2016-7435?: To fix CVE-2016-7435, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2016-7435 being actively exploited in the wild?: It is possible that CVE-2016-7435 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~1% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-264 – Permissions, Privileges, and Access Controls

References

Frequently Asked Questions