Description
The SAPControl Webservice interface of sapstartsrv allows the reading of system information without requesting user authorization.
Available fix and Supported packages
- SAP_BASIS | 640 | 640
- SAP_BASIS | 700 | 702
- SAP_BASIS | 710 | 730
- SAP_BASIS | 800 | 804
- SAP_BASIS | 740 | 740
- SAP_BASIS | DEV | DEV
- MMC | 7.20 | 7.20
- SAP KERNEL 6.40 32-BIT | SP337 | 000337
- SAP KERNEL 6.40 32-BIT UNICODE | SP337 | 000337
- SAP KERNEL 6.40 64-BIT | SP337 | 000337
- SAP KERNEL 6.40 64-BIT UNICODE | SP337 | 000337
- SAP KERNEL 6.40_EX2 32-BIT | SP337 | 000337
- SAP KERNEL 6.40_EX2 32-BIT UC | SP337 | 000337
- SAP KERNEL 6.40_EX2 64-BIT | SP337 | 000337
- SAP KERNEL 6.40_EX2 64-BIT UC | SP337 | 000337
- SAP KERNEL 7.00 32-BIT | SP263 | 000263
- SAP KERNEL 7.00 32-BIT UNICODE | SP263 | 000263
- SAP KERNEL 7.00 64-BIT | SP263 | 000263
- SAP KERNEL 7.00 64-BIT UNICODE | SP263 | 000263
- SAP KERNEL 7.01 32-BIT | SP101 | 000101
- SAP KERNEL 7.01 32-BIT UNICODE | SP101 | 000101
- SAP KERNEL 7.01 64-BIT | SP101 | 000101
- SAP KERNEL 7.01 64-BIT UNICODE | SP101 | 000101
- SAP KERNEL 7.10 32-BIT | SP208 | 000208
- SAP KERNEL 7.10 32-BIT UNICODE | SP208 | 000208
- SAP KERNEL 7.10 64-BIT | SP208 | 000208
- SAP KERNEL 7.10 64-BIT UNICODE | SP208 | 000208
Affected component
- BC-CST-STS
Startup Service
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1439348