SAP Multiple Vulnerabilities

Advisory Information 
Title: SAP Multiple Vulnerabilities
Release date: 28/05/2014
Last update: 20/06/2014
Credits: Enrico Milanese, Emaze Networks S.p.A.

Vulnerability Information 
Class: Cross Site Scripting, Arbitrary Redirect
CVE: 2014-4159, 2014-4160, 2014-4161
CVSS: 5.8

Affected Software 
  • SAP NetWeaver Business Client
  • SAP Supplier Relationship Management Release 673 SP0

Vulnerability Details
The NWBC (NetWeaver Business Client) exposes some test/debug nodes (related to development functionality) that should be disabled in production systems; the testcanvas node is vulnerable to multiple Cross Site Scripting vulnerabilities in the title and sap-accessibility parameters.

Proof of concept:


The SAP SRM (Supplier Relationship Management) component exposes a test/debug functionality related to the SSO (Single Sign On) process; the resource umTestSSO.jsp fails to sanitize user input before using it in dynamically generated content.
The vulnerability could be used by an attacker to load an arbitrary remote HTML page inside the SAP SRM portal or to conduct Cross Site Scripting attacks against the SAP SRM portal's users.

Proofs of concept:



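As an added example (not part of the advisory), the following script checks web access logs for requests to the two test/debug resources named above and flags the indicators the advisory describes: HTML metacharacters in the testcanvas title and sap-accessibility parameters, and absolute URLs handed to umTestSSO.jsp. The directory prefixes, the sample log lines and the 'target' parameter name are assumptions, since the advisory gives only the resource and parameter names.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Test/debug resources named in the advisory. The directory prefixes in the
# sample log below are assumed; the advisory gives only the resource names.
DEBUG_RESOURCES = ("testcanvas", "umTestSSO.jsp")
# Parameters the advisory names as reflected by the NWBC testcanvas node.
WATCHED_PARAMS = {"title", "sap-accessibility"}
HTML_META = re.compile(r'[<>"\']|javascript:|on\w+=', re.IGNORECASE)
ABS_URL = re.compile(r'^\s*(?:https?:)?//', re.IGNORECASE)
# Request line and status code from a common-log-format entry.
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')

def analyse_request(target):
    """Return findings for one request target (path plus query string)."""
    parts = urlsplit(target)
    if not any(parts.path.endswith(res) for res in DEBUG_RESOURCES):
        return []
    # Any hit here means a test/debug node is reachable; a 200 in the log
    # is the strongest sign it was not disabled in production.
    findings = [f"test/debug resource requested: {parts.path}"]
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        for value in values:
            if name in WATCHED_PARAMS and HTML_META.search(value):
                findings.append(f"HTML metacharacters in parameter '{name}'")
            if parts.path.endswith("umTestSSO.jsp") and ABS_URL.match(value):
                findings.append(f"absolute URL in parameter '{name}' (possible redirect)")
    return findings

def scan_log(lines):
    """Return (line number, status, findings) for each suspicious entry."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = LOG_RE.search(line)
        if match:
            findings = analyse_request(match.group("target"))
            if findings:
                hits.append((number, match.group("status"), findings))
    return hits

# Constructed sample access-log lines; the paths and the 'target' parameter
# name are assumptions, not taken from the advisory.
SAMPLE_LOG = [
    '10.0.0.5 - - [28/May/2014:10:00:01 +0200] "GET /irj/portal HTTP/1.1" 200 512',
    '10.0.0.7 - - [28/May/2014:10:00:02 +0200] "GET /nwbc/testcanvas?title=%3Cb%3Ehi%3C%2Fb%3E&sap-accessibility=X HTTP/1.1" 200 2048',
    '10.0.0.9 - - [28/May/2014:10:00:03 +0200] "GET /irj/umTestSSO.jsp?target=http://example.org/ HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for number, status, findings in scan_log(SAMPLE_LOG):
        print(f"line {number} (HTTP {status}): " + "; ".join(findings))
```

Any request to these resources that returns 200 is worth a follow-up even without a flagged parameter, since the advisory's point is that the nodes should not be reachable in production at all.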
Apply the security patches provided by the vendor:

