Vulnerability Description
An issue was discovered in SAP E-Recruiting (aka ERECRUIT) 605 through 617. When an external applicant registers to the E-Recruiting application, he/she receives a link by email to confirm access to the provided email address. However, this measure can be bypassed and attackers can register and confirm email addresses that they do not have access to (candidate_hrobject is predictable and corr_act_guid is improperly validated). Furthermore, since an email address can be registered only once, an attacker could prevent other legitimate users from registering. This is SAP Security Note 2507798.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | E-Recruiting | 605 |
Related Weaknesses (CWE)
References
- https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/Vendor Advisory
- https://launchpad.support.sap.com/#/notes/2507798Permissions RequiredVendor Advisory
- https://www.sec-consult.com/en/blog/advisories/email-verification-bypass-in-sap-Third Party Advisory
- https://blogs.sap.com/2017/09/12/sap-security-patch-day-september-2017/Vendor Advisory
- https://launchpad.support.sap.com/#/notes/2507798Permissions RequiredVendor Advisory
- https://www.sec-consult.com/en/blog/advisories/email-verification-bypass-in-sap-Third Party Advisory
FAQ
What is CVE-2017-14511?
CVE-2017-14511 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in SAP E-Recruiting (aka ERECRUIT) 605 through 617. When an external applicant registers to the E-Recruiting application, he/she receives a link by email to confirm access to t...
How severe is CVE-2017-14511?
CVE-2017-14511 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-14511?
Check the references section above for vendor advisories and patch information. Affected products include: Sap E-Recruiting.