Skip links
🔥🔥🔥 Join us for our upcoming training session at Black Hat MEA: "Securing SAP Systems: Expert Insights and Penetration Testing Techniques" 🛡️🔍

Directory traversal/SQL injection in SPM1.0, SAP security note 1511877


1. SPM1.0 content contains a vulnerability through which a malicious user can potentially write arbitrary files on the remote server, possibly corrupting data or alter system behaviour.
2.A malicious user can exploit SPM1.0 code and use specially crafted inputs to modify database commands, resulting in the modification of data persisted by the system.

Available fix and Supported packages

  • BI_CONT | 704 | 704
  • BI_CONT | 705 | 705
  • BI_CONT | 735 | 735
  • BI_CONT 705 | SAPK-70502INBICONT |
  • BI_CONT 704 | SAPK-70410INBICONT |

Affected component

    BW only – BI Content – Spend Analytics


Score: 0


Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.




How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer