Lucene search
PRIOn knowledge basePRION:CVE-2010-5326HistoryMay 13, 2016 - 10:59 a.m.
Authentication flaw
2016-05-1310:59:00
PRIOn knowledge base
www.prio-n.com
8
The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request, as exploited in the wild in 2013 through 2016, aka a βDetourβ attack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| netweaver_application_server_java | le | 7.30 |
References
service.sap.com/sap/support/notes/1445998
www.onapsis.com/research/publications/sap-security-in-depth-vol4-the-invoker-servlet-a-dangerous-detour-into-sap-java-solutions
www.securityfocus.com/bid/48925
www.securityfocus.com/bid/90533
www.us-cert.gov/ncas/alerts/TA16-132A
www.onapsis.com/threat-report-tip-iceberg-wild-exploitation-cyber-attacks-sap-business-applications
Related
cvelist
cvelist
CVE-2010-5326
2016-05-13 10:00:00
attackerkb
attackerkb
CVE-2010-5326
2016-05-13 00:00:00
cisa_kev
cisa_kev
SAP NetWeaver Remote Code Execution Vulnerability
2021-11-03 00:00:00
nessus
nessus
SAP NetWeaver AS Java Invoker Servlet Code Execution (1445998)
2021-04-09 00:00:00
cve
cve
CVE-2010-5326
2016-05-13 10:59:00
nvd
nvd
CVE-2010-5326
2016-05-13 10:59:00
threatpost
threatpost
βElephant Beetleβ Lurks for Months in Networks
2022-01-05 22:18:28
SAP Bugs Under Active Cyberattack
2021-04-06 18:47:57
thn
thn
Researchers Uncover Hacker Group Behind Organized Financial-Theft Operation
2022-01-05 13:40:00
Watch Out! Mission Critical SAP Applications Are Under Active Attack
2021-04-06 13:43:00
rapid7blog
rapid7blog
Attackers Targeting Fortinet Devices and SAP Applications
2021-04-08 17:18:07
qualysblog
qualysblog
Managing CISA Known Exploited Vulnerabilities with Qualys VMDR
2022-02-23 05:39:00