CVE-2013-7362
high
CVSS v3
—
CVSS v2
7.5
VIR risk
7.5
Description
An unspecified RFC function in SAP CCMS Agent allows remote attackers to execute arbitrary commands via unknown vectors.
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| sap | ccms_agent | - | |
References
- http://archives.neohapsis.com/archives/bugtraq/2013-02/0135.html
- http://scn.sap.com/docs/DOC-8218
- http://www.onapsis.com/get.php?resid=adv_onapsis-2013-005
- http://www.onapsis.com/research-advisories.php
- https://service.sap.com/sap/support/notes/1758450
- http://archives.neohapsis.com/archives/bugtraq/2013-02/0135.html
- http://scn.sap.com/docs/DOC-8218
- http://www.onapsis.com/get.php?resid=adv_onapsis-2013-005
- http://www.onapsis.com/research-advisories.php
- https://service.sap.com/sap/support/notes/1758450
CWEs
CWE-94
Verify integrity in audit chain (admin only). AS-IS.