Skip links
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

ICM Patch Collection (Release 6.20), SAP security note 508300

Description

Incorrect behavior in the Internet Communication Manager (ICM).

Available fix and Supported packages

  • SAP_BASIS | 46C | 46D
  • SAP_BASIS | 610 | 640
  • SAP_BASIS 620 | SAPKB62001 |
  • SAP_BASIS 620 | SAPKB62004 |
  • SAP_BASIS 620 | SAPKB62029 |
  • SAP_BASIS 620 | SAPKB62031 |
  • SAP_BASIS 610 | SAPKB61039 |
  • SAP_BASIS 640 | SAPKB64001 |
  • SAP_BASIS 46D | SAPKB46D36 |
  • SAP_BASIS 46C | SAPKB46C48 |
  • SAP_BASIS 610 | SAPKB61040 |
  • SAP_BASIS 620 | SAPKB62040 |
  • SAP_BASIS 620 | SAPKB62042 |
  • SAP_BASIS 610 | SAPKB61041 |
  • SAP_BASIS 620 | SAPKB62044 |
  • SAP_BASIS 640 | SAPKB64011 |
  • SAP_BASIS 620 | SAPKB62048 |

Affected component

    BC-CST-IC
    Internet Communication Manager

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/508300

TAGS

#icm
#icman
#sapwebdisp
#HTTP
#SMTP
#Internet
#HTTP-request
#0d0a
#\r\n
#OOB
#x-forwarded-for
#ClientProtocol
#watchdog-GET
#POST
#HEAD
#PUT
#SSL
#dev_icm
#dev_webdisp
#Softcancel
#cancel

Explore More

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series.