Vulnerability Description
URL redirection vulnerability in SAP's Startup Service, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.52, that allows an attacker to redirect users to a malicious site.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Sap Kernel | 7.21 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/102157Third Party AdvisoryVDB Entry
- https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/Issue TrackingVendor Advisory
- https://launchpad.support.sap.com/#/notes/2520995Permissions RequiredVendor Advisory
- http://www.securityfocus.com/bid/102157Third Party AdvisoryVDB Entry
- https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/Issue TrackingVendor Advisory
- https://launchpad.support.sap.com/#/notes/2520995Permissions RequiredVendor Advisory
FAQ
What is CVE-2017-16679?
CVE-2017-16679 is a vulnerability with a CVSS score of 6.1 (MEDIUM). URL redirection vulnerability in SAP's Startup Service, SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45,...
How severe is CVE-2017-16679?
CVE-2017-16679 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-16679?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Sap Kernel.