SB2018021331 - Multiple vulnerabilities in SAP NANA

Description

This security bulletin contains information about 9 secuirty vulnerabilities.

1) Information disclosure (CVE-ID: CVE-2018-2369)

The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information.

The vulnerability exists due to misusing of the authentication function of the SAP HANA server on its SQL interface. A remote attacker can disclose 8 bytes of the server process memory and gain access to potentially sensitive information.

2) Information disclosure (CVE-ID: CVE-2018-2372)

The vulnerability allows a remote attacker to obtain sensitive information on the target system.

The weakness exists due to a plain keystore password being written to a system log file. A remote attacker can obtain sensitive information.

3) Information disclosure (CVE-ID: CVE-2018-2373)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The weakness exists due to misuse of a specific endpoint of the Controller's API. A remote attacker can execute SQL statements that deliver information about system configuration and gain access to potentially sensitive information.

4) Information disclosure (CVE-ID: CVE-2018-2374)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists due to SpaceAuditor authorization in a specific space. A remote attacker can gain access to potentially sensitive information.

5) Information disclosure (CVE-ID: CVE-2018-2375)

The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information.

The vulnerability exists due to SpaceAuditor authorization in a specific space. A remote attacker can gain access to potentially sensitive information.

6) Information disclosure (CVE-ID: CVE-2018-2376)

The vulnerability allows a remote authenticated attacker to obtain potentially sensitive information.

The vulnerability exists due to SpaceAuditor authorization in a specific space. A remote attacker can gain access to potentially sensitive information.

7) Information disclosure (CVE-ID: CVE-2018-2377)

The vulnerability allows a remote unauthorized attacker to obtain potentially sensitive information.

The vulnerability exists due to unknown reasons. A remote attacker can retrieve some general server statistics and status information.

8) Information disclosure (CVE-ID: CVE-2018-2378)

The vulnerability allows a remote unauthorized attacker to obtain potentially sensitive information.

The vulnerability exists due to unknown reasons. A remote attacker can read statistical data about deployed applications including resource consumption.

9) Information disclosure (CVE-ID: CVE-2018-2379)

The vulnerability allows a remote unauthenticated attacker to obtain potentially sensitive information.

The vulnerability exists due to evaluating error messages of a specific endpoint. A remote attacker can test if a given username is valid and gain access to potentially sensitive information.

Remediation

Install update from vendor's website.

References

• https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
• https://launchpad.support.sap.com/#/notes/2589129
• http://www.securityfocus.com/bid/103018
• https://service.sap.com/sap/support/notes/2589129