SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to sensitive user data and potential disruption of normal system usage. This causes a high impact on confidentiality, integrity and availability of the application.
An attacker with normal access level intercepts or obtains a properly signed XML message. Then modifies the content of the XML document while preserving the original signature, and sends the prepared document to the verifier. Due to improper signature verification (CWE-347), the system accepts the modified document as authentic. As a result, the attacker can present falsified user identity information, which will be considered trusted by the application.
An attacker can gain unauthorized access to sensitive data of other users by impersonating their identity. System disruptions are also possible, which means high impact on the confidentiality, integrity, and availability of the application.
Apply patches available from the vendor according to references — SAP Note 3746332 published as part of SAP Security Patch Day (https://url.sap/sapsecuritypatchday).
SAP NetWeaver Application Server ABAP and ABAP Platform — specific versions indicated in vendor references (SAP Note 3746332).
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H