Description
An authenticated user can use functions of eAccounting (FIN-BAC-AE and FIN-FB-SRV) to which access should be restricted. This may result in an escalation of privileges.
Available fix and Supported packages
- FINBASIS | 600 | 600
- FINBASIS | 700 | 700
- FINBASIS | 602 | 602
- FINBASIS | 603 | 603
- FINBASIS | 604 | 604
- FINBASIS | 634 | 634
- FINBASIS | 605 | 605
- FINBASIS | 736 | 736
- FINBASIS | 746 | 746
- FINBASIS | 747 | 747
- SEM-BW | 400 | 400
- SEM-BW | 600 | 600
- SEM-BW | 700 | 700
- SEM-BW | 602 | 602
- SEM-BW | 603 | 603
- SEM-BW | 604 | 604
- SEM-BW | 605 | 605
- SEM-BW | 736 | 736
- SEM-BW | 634 | 634
- SEM-BW | 746 | 746
- SEM-BW | 747 | 747
- FINBASIS 600 | SAPK-60024INFINBASIS |
- FINBASIS 602 | SAPK-60214INFINBASIS |
- FINBASIS 604 | SAPK-60414INFINBASIS |
- FINBASIS 603 | SAPK-60313INFINBASIS |
- FINBASIS 605 | SAPK-60511INFINBASIS |
- FINBASIS 634 | SAPK-63406INFINBASIS |
- FINBASIS 736 | SAPK-73608INFINBASIS |
- FINBASIS 746 | SAPK-74603INFINBASIS |
- FINBASIS 700 | SAPK-70022INFINBASIS |
- FINBASIS 747 | SAPK-74701INFINBASIS |
- SEM-BW 600 | SAPKGS6024 |
- SEM-BW 602 | SAPK-60214INSEMBW |
- SEM-BW 604 | SAPK-60414INSEMBW |
- SEM-BW 603 | SAPK-60313INSEMBW |
- SEM-BW 605 | SAPK-60511INSEMBW |
- SEM-BW 634 | SAPK-63406INSEMBW |
- SEM-BW 736 | SAPK-73608INSEMBW |
- SEM-BW 746 | SAPK-74603INSEMBW |
- SEM-BW 700 | SAPK-70022INSEMBW |
- SEM-BW 747 | SAPK-74701INSEMBW |
Affected component
- FIN-BAC-AE
Accounting Engine
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1853756
