N/A

Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to (1) sapbc/SAP/chopSAPLog.dsp or (2) invoke/sap.monitor.rfcTrace/deleteSingle. Details will be updated after the grace period has ended. NOTE: SAP Business Connector is an OEM version of webMethods Integration Server. webMethods states that this issue can only occur when the product is installed as root/admin, and if the attacker has access to a general purpose port; however, both are discouraged in the documentation. In addition, the attacker must already have acquired administrative privileges through other means.

N/A

N/A

SAP Business Connector路径遍历漏洞

SAP Business Connector是SAP公司OEM世界著名的中间件厂商Webmethod的中间件产品，允许SAP系统通过开放的无限制的标准与各种不同的应用环境进行集成。 SAP Business Connector（BC）4.6和4.7版本在处理用户请求时存在目录遍历漏洞。远程攻击者可利用此漏洞在非授权读取或删除系统文件。如果将fullName参数更改为/etc/passwd(URL编码)而不是所浏览的<SAP PATH>/packages/SAP/logs/new_sap.log，用户就会得

N/A

N/A