SAP.NetWeaver.Log.injection.Remote.Command.Injection
Description
This indicates an attack attempt to exploit a Command Injection vulnerability in SAP NetWeaver.
This vulnerability is due to insufficient validation of user-supplied inputs. Successful exploitation results in arbitrary code execution under the context of the vulnerable application.
Affected Products
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |