Description
This security note has been updated. For more detailed information, see Security Note 1557996.
The broadcasting component could be abused by a malicious user, who could modify displayed application content without authorization and potentially obtain authentication information from other legitimate users.
Available fix and Supported packages
- SAP_ABA | 700 | 700
- CRMUIF | 520 | 520
- CRMUIF | 600 | 600
- WEBCUIF | 700 | 700
- WEBCUIF | 701 | 701
- WEBCUIF | 730 | 730
- CRMIS | 400 | 400
- SAP_ABA 700 | SAPKA70024 |
- CRMUIF 520 | SAPK-52012INCRMUIF |
- CRMUIF 600 | SAPK-60011INCRMUIF |
- WEBCUIF 701 | SAPK-70102INWEBCUIF |
- WEBCUIF 700 | SAPK-70009INWEBCUIF |
- WEBCUIF 730 | SAPK-73001INWEBCUIF |
- CRMIS 400 | SAPK-40013INCRMIS |
Affected component
- CRM-IC-BRO
Broadcast Messaging
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1491867