CVE-2022-27668

Description

Depending on the configuration of the route permission table in file 'saprouttab', it is possible for an unauthenticated attacker to execute SAProuter administration commands in SAP NetWeaver and ABAP Platform - versions KERNEL 7.49, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.49, KRNL64UC 7.49, SAP_ROUTER 7.53, 7.22, from a remote client, for example stopping the SAProuter, that could highly impact systems availability.

Affected products

• SAP_SE / SAP NetWeaver and ABAP PlatformKERNEL 7.49 – KERNEL 7.49
• SAP_SE / SAP NetWeaver and ABAP Platform7.77 – 7.77
• SAP_SE / SAP NetWeaver and ABAP Platform7.81 – 7.81
• SAP_SE / SAP NetWeaver and ABAP Platform7.85 – 7.85
• SAP_SE / SAP NetWeaver and ABAP Platform7.86 – 7.86
• SAP_SE / SAP NetWeaver and ABAP Platform7.87 – 7.87
• SAP_SE / SAP NetWeaver and ABAP Platform7.88 – 7.88
• SAP_SE / SAP NetWeaver and ABAP PlatformKRNL64NUC 7.49 – KRNL64NUC 7.49
• SAP_SE / SAP NetWeaver and ABAP PlatformKRNL64UC 7.49 – KRNL64UC 7.49
• SAP_SE / SAP NetWeaver and ABAP PlatformSAP_ROUTER 7.53 – SAP_ROUTER 7.53
• SAP_SE / SAP NetWeaver and ABAP Platform7.22 – 7.22

References

• MISChttps://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
• MISChttps://launchpad.support.sap.com/#/notes/3158375
• MAILING_LISThttp://seclists.org/fulldisclosure/2022/Sep/17
• EXPLOIThttp://packetstormsecurity.com/files/168406/SAP-SAProuter-Improper-Access-Control.html