Existing authority check in Freight Order Management is executed with wrong attribute. Thus, an unauthenticated user can use functions of Freight Order Management Documents to which access should be re-stricted. This may result in an escalation of privileges.
Available fix and Supported packages
- SAPTM | 100 | 100
- SAPTM 100 | SAPK-10001INSAPTM |
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.