Description
Enterprise workspaces can be abused by a malicious user, allowing them to modify displayed application content without authorization, and to potentially obtain authentication information from other legitimate users.
Available fix and Supported packages
- SPACES | 1.00 | 1.00
- SPACES | 1.1730 | 1.1730
- SPACES | 1.1700 | 1.1700
- SPACES-KM | 1.0 | 1.0
- SPACES-KM | 1.1700 | 1.1700
- SPACES-KM | 1.1730 | 1.1730
- EP-EXT | 1.0 | 1.0
- EP-EXT | 1.1730 | 1.1730
- EP-EXT | 1.1700 | 1.1700
- ENT.WORKSPACES KM 1.1_7.0 | SP000 | 000001
- ENT.WORKSPACES KM 1.1_7.0 | SP001 | 000001
- ENT.WORKSPACES KM 1.1_7.30 | SP001 | 000001
- ENTERPRISE PORTAL EXT 1.0 | SP000 | 000002
- ENTERPRISE PORTAL EXT 1.0 | SP001 | 000001
- ENTERPRISE PORTAL EXT 1.0 | SP002 | 000001
- ENTERPRISE PORTAL EXT 1.0 | SP003 | 000000
- ENTERPRISE PORTAL EXT 1.1_7.0 | SP000 | 000001
- ENTERPRISE PORTAL EXT 1.1_7.0 | SP001 | 000001
- ENTERPRISE PORTAL EXT 1.1_7.30 | SP001 | 000002
- ENTERPRISE WORKSPACES 1.0 | SP000 | 000003
- ENTERPRISE WORKSPACES 1.0 | SP001 | 000003
- ENTERPRISE WORKSPACES 1.0 | SP002 | 000002
- ENTERPRISE WORKSPACES 1.0 | SP003 | 000000
- ENTERPRISE WORKSPACES 1.1_7.0 | SP000 | 000002
- ENTERPRISE WORKSPACES 1.1_7.0 | SP001 | 000001
- ENTERPRISE WORKSPACES 1.1_7.30 | SP001 | 000001
- ENTERPRISE WORKSPACES KM 1.0 | SP000 | 000001
- ENTERPRISE WORKSPACES KM 1.0 | SP001 | 000001
- ENTERPRISE WORKSPACES KM 1.0 | SP002 | 000001
- ENTERPRISE WORKSPACES KM 1.0 | SP003 | 000000
Affected component
- EP-EWP-RT
Please use EP-EWP
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1702930
