{"id":23653,"date":"2024-10-30T09:40:46","date_gmt":"2024-10-30T08:40:46","guid":{"rendered":"https:\/\/herolab.usd.de\/security-advisories\/usd-2024-0004\/"},"modified":"2024-11-08T16:09:47","modified_gmt":"2024-11-08T15:09:47","slug":"usd-2024-0004","status":"publish","type":"page","link":"https:\/\/herolab.usd.de\/en\/security-advisories\/usd-2024-0004\/","title":{"rendered":"usd-2024-0004"},"content":{"rendered":"

[et_pb_section fb_built=\"1\" _builder_version=\"4.21.0\" _module_preset=\"default\" background_color=\"#2E353D\" custom_padding=\"||0px|||\" global_colors_info=\"{}\"][et_pb_row _builder_version=\"4.25.2\" _module_preset=\"default\" global_colors_info=\"{}\"][et_pb_column type=\"4_4\" _builder_version=\"4.21.0\" _module_preset=\"default\" global_colors_info=\"{}\"][et_pb_text _builder_version=\"4.27.0\" _module_preset=\"default\" custom_padding=\"||13px|||\" global_colors_info=\"{}\"]<\/p>\n

usd-2024-0004 | Stored XSS in SAP Business Connector<\/h1>\n

<\/h1>\n

Advisory ID<\/strong>: usd-2024-0004
Product<\/strong>: SAP Business Connector
Affected Version<\/strong>: 4.8.1 SR4 & CF2
Vulnerability Type<\/strong>: Improper Neutralization of Input During Web Page Generation (CWE-79 'Stored Cross-site Scripting')
Security Risk<\/strong>: Medium CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:R\/S:C\/C:L\/I:L\/A:N
Vendor URL<\/strong>: https:\/\/support.sap.com\/en\/product\/connectors\/bc.html<\/a>
Vendor acknowledged vulnerability<\/strong>: Yes
Vendor Status<\/strong>: Fixed
CVE number<\/strong>: CVE-2024-30215
CVE Link<\/strong>: https:\/\/nvd.nist.gov\/vuln\/detail\/CVE-2024-30215<\/a><\/p>\n

Description<\/h3>\n

SAP Business Connector is an application developed by SAP SE, a German software corporation specializing in enterprise software solutions.<\/p>\n

SAP Business Connector is an integration tool that allows businesses to connect various systems and applications, both within and outside the organization.
It enables seamless data exchange and interoperability between different systems, enabling businesses to automate processes, streamline operations, and improve productivity.<\/p>\n

The application provides a platform for integrating diverse systems, such as ERP (Enterprise Resource Planning) systems, databases, web services, and legacy systems.
It supports a wide range of communication protocols, including HTTP, FTP, SOAP, and XML.<\/p>\n

Version 4.8.1 with Patch SR4 and CF2 was found to be vulnerable to a stored XSS vulnerability in the \"User-Agent field\" of the \"Outbound HTTP Settings\".<\/p>\n

Proof of Concept<\/h3>\n

Navigate to \"Settings\" > \"Resources\" and hit \"Edit Resource Settings\".
Enter the payload \"><img src=\/X onerror=alert(document.domain)> <\/strong>into the \"User-Agent\" field of the \"Outbound HTTP Settings\".<\/p>\n

The payload is stored and reflected whenever a user visits the Resource Settings page:<\/p>\n

\"\"<\/p>\n

Fix<\/h3>\n

It is recommended to treat all input on the website as potentially dangerous.
Hence, all output that is dynamically generated based on user-controlled data should be encoded according to its context.
The majority of programming languages support standard procedures for encoding meta characters.<\/p>\n

References<\/h3>\n

https:\/\/owasp.org\/www-community\/attacks\/xss\/<\/a><\/p>\n

Timeline<\/h3>\n