Vulnerability Details : CVE-2006-0732
Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to (1) sapbc/SAP/chopSAPLog.dsp or (2) invoke/sap.monitor.rfcTrace/deleteSingle. Details will be updated after the grace period has ended. NOTE: SAP Business Connector is an OEM version of webMethods Integration Server. webMethods states that this issue can only occur when the product is installed as root/admin, and if the attacker has access to a general purpose port; however, both are discouraged in the documentation. In addition, the attacker must already have acquired administrative privileges through other means.
Vulnerability category: Directory traversal
Exploit prediction scoring system (EPSS) score for CVE-2006-0732
Probability of exploitation activity in the next 30 days: 0.72%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 78 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2006-0732
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST |
References for CVE-2006-0732
-
http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Arbitrary_File_Read_or_Delete_in_SAP_BC.pdf
Vendor Advisory
-
http://www.securityfocus.com/archive/1/434014/30/4980/threaded
-
http://www.securityfocus.com/bid/16668
- http://securitytracker.com/id?1015639
-
http://securitytracker.com/id?1016090
- http://securitytracker.com/id?1016122
-
http://www.securityfocus.com/archive/1/425048/100/0/threaded
-
http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Arbitrary_File_Read_or_Delete_in_SAP_BC.pdf
- http://www.vupen.com/english/advisories/2006/0611
Products affected by CVE-2006-0732
- cpe:2.3:a:sap:business_connector:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:sap:business_connector:4.6:*:*:*:*:*:*:*