Description
Long text and SP Patch level of note 1501646 were updated according to availability of XSRF protection in CRM 7.01.
The SP Patch Levels were increased for CRM 7.01 from SP3 Patch level 0 to SP3 Patch Level 3 for the following software components: CRM JAVA APPLICATIONS, CRM JAVA COMPONENTS, CRM JAVA WEB COMPONENTS, SAP SHARED JAVA APPLIC, SAP SHARED JAVA COMP and SAP SHARED WEB COMPONENTS.
Please note that XSRF protection is not available in CRM 7.01 SP1 and CRM 7.01 SP2, therefore, it is recommended that you upgrade to at least SP3 if your CRM release is 7.01.
Available fix and Supported packages
- SAP-CRMJAV | 701 | 701
- SAP-CRMWEB | 701 | 701
- SAP-SHRWEB | 701 | 701
- SAP-SHRJAV | 701 | 701
- SAP-CRMAPP | 701 | 701
- SAP-SHRAPP | 701 | 701
- CRM JAVA APPLICATIONS 7.01 | SP003 | 000003
- CRM JAVA COMPONENTS 7.01 | SP003 | 000003
- CRM JAVA WEB COMPONENTS 7.01 | SP003 | 000003
- SAP SHARED JAVA APPLIC. 7.01 | SP003 | 000003
- SAP SHARED JAVA COMP. 7.01 | SP003 | 000003
- SAP SHARED WEB COMPONENTS 7.01 | SP003 | 000003
Affected component
- CRM-ISA
Internet Sales
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1575499
