Summary
SAProuter is prone to an authentication-bypass vulnerability.
Impact
Remote attackers can exploit this issue to bypass the authentication mechanism and gain unauthorized access.
Solution
Updates are available. Please see the references or vendor advisory for more information.
Insight
An attacker can reconfigure SAProuter remotely without authentication because authorization check is missing. It can lead to various threats, from information disclosure to full system compromise.
Affected
SAP Network Interface Router (SAProuter) 39.3 SP4
Detection
Send an information request and check the response.
References
Severity
Classification
-
CVE CVE-2013-7093 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities