Vulnerability Details : CVE-2006-0732
Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to (1) sapbc/SAP/chopSAPLog.dsp or (2) invoke/sap.monitor.rfcTrace/deleteSingle. Details will be updated after the grace period has ended. NOTE: SAP Business Connector is an OEM version of webMethods Integration Server. webMethods states that this issue can only occur when the product is installed as root/admin, and if the attacker has access to a general purpose port; however, both are discouraged in the documentation. In addition, the attacker must already have acquired administrative privileges through other means.
Vulnerability category: Directory traversal
Products affected by CVE-2006-0732
- cpe:2.3:a:sap:business_connector:4.7:*:*:*:*:*:*:*
- cpe:2.3:a:sap:business_connector:4.6:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2006-0732
3.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 86 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2006-0732
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
6.4
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:P/A:N |
10.0
|
4.9
|
NIST |
References for CVE-2006-0732
-
http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Arbitrary_File_Read_or_Delete_in_SAP_BC.pdf
Vendor Advisory
-
http://www.securityfocus.com/archive/1/434014/30/4980/threaded
-
http://www.securityfocus.com/bid/16668
-
http://securitytracker.com/id?1015639
-
http://securitytracker.com/id?1016090
-
http://securitytracker.com/id?1016122
-
http://www.securityfocus.com/archive/1/425048/100/0/threaded
-
http://www.cybsec.com/vuln/CYBSEC_Security_Advisory_Arbitrary_File_Read_or_Delete_in_SAP_BC.pdf
-
http://www.vupen.com/english/advisories/2006/0611
Jump to