SAP NetWeaver Application Server for ABAP Migration Workbench Malware Scan Bypass Vulnerability

A vulnerability exists in the Migration Workbench (DX Workbench) component of SAP NetWeaver Application Server for ABAP. The issue arises because the application fails to initiate a malware scan when an attacker with administrative privileges uploads files to the server. This oversight allows for the potential upload of malicious files, leading to a low integrity impact on the application.

Impact

Exploitation of this vulnerability could result in the upload of malicious files to the application server, causing a low integrity impact on the affected system.

Remediation

Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform, where users can find the complete list of security updates and patches. For specific patching instructions, refer to the SAP Security Notes FAQs.