CVE-2017-16679
Last modified
CVE-2017-16679 is a vulnerability of currently unknown severity. URL redirection vulnerability in SAP's Startup Service, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.52, that allows an attacker to redirect users to a malicious site.. EPSS estimates a 0.87% chance of exploitation in the next 30 days.
Description
URL redirection vulnerability in SAP's Startup Service, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.52, that allows an attacker to redirect users to a malicious site.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Sap | Sap Kernel | 7.21 |
| Sap | Sap Kernel | 7.21ext |
| Sap | Sap Kernel | 7.22 |
| Sap | Sap Kernel | 7.22ext |
| Sap | Sap Kernel | 7.45 |
| Sap | Sap Kernel | 7.49 |
| Sap | Sap Kernel | 7.52 |
References
- http://www.securityfocus.com/bid/102157Third Party Advisory, VDB Entry
- https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/Issue Tracking, Vendor Advisory
- https://launchpad.support.sap.com/#/notes/2520995Permissions Required, Vendor Advisory
- http://www.securityfocus.com/bid/102157Third Party Advisory, VDB Entry
- https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/Issue Tracking, Vendor Advisory
- https://launchpad.support.sap.com/#/notes/2520995Permissions Required, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2017-16679?
How severe is CVE-2017-16679?
How do I fix CVE-2017-16679?
Are you affected by CVE-2017-16679?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST