Sap Gui 7.5

by

SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616.
Publish Date : 2017-03-23 Last Update Date : 2019-10-03
Scroll To Comments External Links

- CVSS Scores & Vulnerability Types

CVSS Score
Confidentiality ImpactPartial(There is considerable informational disclosure.)
Integrity ImpactPartial(Modification of some system files or information is possible, but the attacker does not have control over what can be modified, or the scope of what the attacker can affect is limited.)
Availability ImpactPartial(There is reduced performance or interruptions in resource availability.)
Access ComplexityLow(Specialized access conditions or extenuating circumstances do not exist. Very little knowledge or skill is required to exploit. )
AuthenticationNot required(Authentication is not required to exploit the vulnerability.)
Gained AccessNone
Vulnerability Type(s)Execute CodeBypass a restriction or similar
CWE ID732

- Products Affected By CVE-2017-6950

#Product TypeVendorProductVersionUpdateEditionLanguage
1 Application SAPGui For Windows 7.20 * * * Version DetailsVulnerabilities
2 Application SAPGui For Windows 7.30 * * * Version DetailsVulnerabilities
3 Application SAPGui For Windows 7.40 Core Sp00-sp011 * * * Version DetailsVulnerabilities
4 Application SAPGui For Windows 7.50 Core Sp000 * * * Version DetailsVulnerabilities

- Number Of Affected Versions By Product

Vendor Product Vulnerable Versions
SAPGui For Windows 4

- References For CVE-2017-6950

https://erpscan.io/advisories/erpscan-17-011-sap-gui-versions-remote-code-execution-bypass-security-policy/
http://www.securityfocus.com/bid/96872
BID 96872 SAP GUI CVE-2017-6950 Remote Code Execution Vulnerability Release Date:2017-04-13
http://www.securitytracker.com/id/1038122
SECTRACK 1038122

- Metasploit Modules Related To CVE-2017-6950

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)

In C:SAPDownload501329866BDNW7.0Presentation7.40Comp.3PRES1GUIWINDOWSWIN32 folder, choose SetupALL.exe. Start SetupAll.exe. Click on Next button. SAP Front-end Installer SAP Front-end Installer Wizard. Select the options and click on Next button. SAP Front-end Installer- Select Components. Click on Next button. Select Target Directory for SAP GUI. Hello, I had downloaded GUI 7.5 for Win and started testing. It suddenly switched to some new design wich looked very Fiori like. SAP GUI for Windows 7.5 (.) Web Dynpro ABAP NetWeaver 7.51 / SAPUI 7.51 SAP Business Client SAP Business Client 6.5 (.) 1.4 Platform Support and Maintenance Strategy SAP GUI for Java/Windows is “downward compatible” which means latest versions of SAP GUI can work with other.

SAP GUI : Overview

  • SAP GUI is a client tool which is used to access remote central server and runs on different Operating systems like Windows, Unix, Mac, etc.,
  • This is used to manage and access SAP applications like SAP ECC and SAP BI (Business Intelligence) System.

Supported Platforms :

  • SAP GUI for Windows environment – Windows
  • SAP GUI for Java environment – Linux/Unix, MAC ..
  • SAP GUI for HTML/Internet Transaction Server(ITS) – End usersBrowser ( IE, Mozilla, Chrome )

Download

http://www.sapservicemarketplace.com —> Downloads

Gui
  • Installation & Upgrades
  • Support packages & packages
  • Databases

Base on alphabet we can download – info

  • SAP GUI 7.4 – (9 JAN 2018 Support Ends)
  • SAP GUI 7.5 – (Release 10 MAY 2017 – Support Ends 9 April 2019)

GUI Advantages

  • Multiple members logon at a time
  • UI, FONT, Theme, Color, Password

GUI Disadvantages

  • No Storage of GUI

Installation of GUI in Windows

  1. Double click SapGuiSetup.exe and install as normal software.
  2. Give the instance entries by click on new entry button and specify application host name, Instance number and SID of the server.
  3. If there are more number of entries was present, and then copies the file Saplogon.ini on already existing desktop.

Sap Gui 7.50 For Mac Free Download

GUI initialization: GUI is initialized by the following INI files

  1. saplogon.ini
  2. sapmsg.ini
  3. saproute.ini
  4. sapdoccd.ini

saplogon.ini – This file consists of the system details like name of the server, SID and instance umber. When we click on new tab in SAP GUI to enter description of the new server after saving it will be entered into this file. Without this file we cannot logon into the system and there will be no entries to logon from SAPGUI.

sapmsg.ini – This file is used to identify least loaded server in the logon group, if logon load balance is configured. This file consists of message server details.

Sap Gui 7.5 Support

saproute.ini -This file is used to communicate with SAP systems over the sap router.

Sap Gui 7.5

sapdoccd.ini – This file is initialized when the library is accessed. It contains the path of library.

Installation of GUI in Linux

SAP GUI problems:

Reason: User couldn’t logon to the system First, ask the user to send the screenshot of the error msg.

Sap Gui 7.5

  1. Network Interface problem.
  2. N/W connectivity b/w GUI & SAP system.
  3. Check the entries.
  4. GUI showing special characters.

Sap Gui 7.5 Vs 7.6

SAP GUI Screen Idenfications