1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. SAP NetWeaver Directory Traversal Vulnerability

Known Exploited Vulnerabilities CVE-2017-12637

SAP NetWeaver Application Server (AS) Java contains a directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS that allows a remote attacker to read arbitrary files via a .. (dot dot) in the query string.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2017-12637 SAP NetWeaver Directory Traversal Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
By exploiting this vulnerability in SAP Netweaver Java, the attacker can inject directory traversal commands, allowing for navigation of the file system beyond intended access. This can additionally lead to the discovery of password stores, as well as information about the host system, providing information that can be used in further attacks.
References
  1. https://onapsis.com/blog/active-exploitation-cve-2017-12637-sap/
CVE-2017-12637 SAP NetWeaver Directory Traversal Vulnerability primary_impact T1083 File and Directory Discovery
Comments
By exploiting this vulnerability in SAP Netweaver Java, the attacker can inject directory traversal commands, allowing for navigation of the file system beyond intended access. This can additionally lead to the discovery of password stores, as well as information about the host system, providing information that can be used in further attacks.
References
  1. https://onapsis.com/blog/active-exploitation-cve-2017-12637-sap/
CVE-2017-12637 SAP NetWeaver Directory Traversal Vulnerability secondary_impact T1592 Gather Victim Host Information
Comments
By exploiting this vulnerability in SAP Netweaver Java, the attacker can inject directory traversal commands, allowing for navigation of the file system beyond intended access. This can additionally lead to the discovery of password stores, as well as information about the host system, providing information that can be used in further attacks.
References
  1. https://onapsis.com/blog/active-exploitation-cve-2017-12637-sap/
CVE-2017-12637 SAP NetWeaver Directory Traversal Vulnerability secondary_impact T1555 Credentials from Password Stores
Comments
By exploiting this vulnerability in SAP Netweaver Java, the attacker can inject directory traversal commands, allowing for navigation of the file system beyond intended access. This can additionally lead to the discovery of password stores, as well as information about the host system, providing information that can be used in further attacks.
References
  1. https://onapsis.com/blog/active-exploitation-cve-2017-12637-sap/