Role Synchronization report contains code which allows to execute arbitrary program code i.e RFC destination of the users choice. A malicious user can therefore control the behavior of the system or can potentially escalate privileges by executing malicious code without legitimate own credentials.
Available fix and Supported packages
- SRM_SERVER | 700 | 700
- SRM_SERVER | 701 | 701
- SRM_SERVER 701 | SAPK-70101INSRMSRV |
- SRM_SERVER 700 | SAPKIBKV09 |
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.