This critical security flaw is letting SAP users get around authentication

News
By
published

SAP moves to fix a handful of security flaws

SAP Building
Image Credit: SAP (Image credit: SAP)

SAP has fixed more than a dozen security vulnerabilities, including two critical-severity ones which could have allowed threat actors to take full control over a flawed endpoint

In a security advisory, SAP detailed the “missing authentication check” vulnerability affecting SAP BusinessObjects Business Intelligence PLatform versions 430, and 440. The bug is tracked as CVE-2024-41730, and carries a severity score of 9.8 (critical).

"In SAP BusinessObjects Business Intelligence Platform, if Single Sign On is enabled on Enterprise authentication, an unauthorized user can get a logon token using a REST endpoint," SAP explained in the advisory. "The attacker can fully compromise the system resulting in High impact on confidentiality, integrity and availability."

Server-side request forgeries, and more

The second critical vulnerability is a server-side request forgery (SSRF) flaw affecting apps built with SAP Build Apps prior to version 4.11.130. This bug was introduced through a fix for a previous vulnerability, and is tracked as CVE-2024-29415. It carries a severity score of 9.1. The bug was found in the ‘IP’ package for Node.js, when it analyzes if an IP address is public or not. With octal representation, the package erroneously recognizes ‘127.0.0.1’ as a public and globally routable address. 

SAP is the world’s largest ERP vendor, with products in use by more than 90% of the Forbes Global 2000 list, so cybercriminals will most likely scan for endpoints that haven’t applied the patch, looking for a way into the IT networks of some of the world’s most important brands. 

Besides these two, SAP fixed another four high-severity vulnerabilities, with scores ranging from 7.4 to 8.2. These include an XML injection issue in the SAP BEx Web Java Runtime Export Web Service, a bug in SAP S/4 HANA, one in SAP NetWeaver AS Java, and one in SAP Commerce Cloud.

Via Bleeping Computer

More from TechRadar Pro

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.