CVE-2016-5847

MEDIUM

SAP SAPCAR - Privilege Escalation

Title source: llm

Description

SAP SAPCAR allows local users to change the permissions of arbitrary files and consequently gain privileges via a hard link attack on files extracted from an archive, possibly related to SAP Security Note 2327384.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Core Security · textdoslinux

https://www.exploit-db.com/exploits/40230

View Code ZIP pw:eip

References (6)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/138284/SAP-CAR-Archive-Tool-Denial-Of-Service-Security-Bypass.html

[Exploit, Mailing List, Third Party Advisory] http://seclists.org/fulldisclosure/2016/Aug/46

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/539180/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/92406

[Exploit, Third Party Advisory] https://www.coresecurity.com/advisories/sap-car-multiple-vulnerabilities

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/40230/

Scores

CVSS v3 5.8

EPSS 0.0022

EPSS Percentile 44.4%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L

Classification

CWE

CWE-264

Status draft

Affected Products (1)

sap/sapcar_archive_tool

Timeline

Published Aug 13, 2016

Tracked Since Feb 18, 2026