Description
This security note has been updated. For more detailed information, see Security Note 1772647.”
The CRM planning in BW could be abused by a malicious user, who could modify displayed application content without authorization and potentially obtain authentication information from other legitimate users.
Available fix and Supported packages
- SAP_BW | 700 | 702
- SAP_BW | 711 | 711
- SAP_BW | 730 | 730
- SAP_BW | 731 | 731
- SAP_BW_VIRTUAL_COMP | 701 | 701
- SAP_BW 700 | SAPKW70028 |
- SAP_BW 701 | SAPKW70111 |
- SAP_BW 702 | SAPKW70210 |
- SAP_BW 731 | SAPKW73102 |
- SAP_BW 711 | SAPKW71109 |
- SAP_BW 730 | SAPKW73006 |
- SAP_BW 702 | SAPKW70211 |
- SAP_BW 700 | SAPKW70029 |
- SAP_BW 701 | SAPKW70112 |
- SAP_BW 711 | SAPKW71110 |
- SAP_BW 702 | SAPKW70212 |
- SAP_BW 730 | SAPKW73008 |
- SAP_BW 731 | SAPKW73104 |
- SAP_BW_VIRTUAL_COMP 701 | SAPK-70129INVCBWTECH |
- SAP_BW_VIRTUAL_COMP 701 | SAPK-70130INVCBWTECH |
- SAP_BW_VIRTUAL_COMP 701 | SAPK-70133INVCBWTECH |
Affected component
- CRM-ANA-PS
Planning Services
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1610237
