Description
A malicious user can execute functions in KM UI without authentication and authoriza-tion.
Available fix and Supported packages
- EPBC2 | 7.00 | 7.02
- KMC-BC | 7.30 | 7.30
- KMC-BC | 7.31 | 7.31
- EP-PSERV | 6.0_640 | 6.0_640
- EP-CM | 6.0_640 | 6.0_640
- SAP_JTECHS | 7.00 | 7.02
- EP-BASIS | 7.30 | 7.30
- EP-BASIS | 7.31 | 7.31
- FRAMEWORK-EXT | 7.30 | 7.30
- FRAMEWORK-EXT | 7.31 | 7.31
- CM+COLLABORATION 6.0_640 | SP025 | 000008
- CM+COLLABORATION 6.0_640 | SP026 | 000008
- CM+COLLABORATION 6.0_640 | SP027 | 000005
- CM+COLLABORATION 6.0_640 | SP028 | 000002
- CM+COLLABORATION 6.0_640 | SP029 | 000000
- CM+COLLABORATION 6.0_640 | SP030 | 000000
- FRAMEWORK EXTENSIONS 7.30 | SP001 | 000001
- FRAMEWORK EXTENSIONS 7.30 | SP002 | 000001
- FRAMEWORK EXTENSIONS 7.30 | SP003 | 000001
- FRAMEWORK EXTENSIONS 7.30 | SP004 | 000001
- FRAMEWORK EXTENSIONS 7.30 | SP005 | 000001
- FRAMEWORK EXTENSIONS 7.31 | SP001 | 000001
- KMC BASE COMPONENTS 7.30 | SP001 | 000003
- KMC BASE COMPONENTS 7.30 | SP002 | 000004
- KMC BASE COMPONENTS 7.30 | SP003 | 000004
- KMC BASE COMPONENTS 7.30 | SP004 | 000002
- KMC BASE COMPONENTS 7.30 | SP005 | 000001
- KMC BASE COMPONENTS 7.30 | SP006 | 000000
- KMC BASE COMPONENTS 7.30 | SP007 | 000000
- KMC BASE COMPONENTS 7.31 | SP001 | 000000
Affected component
- EP-KM-CM-UI
CM User Interface
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1620044
