Skip links

ICM Patch Collection (Release 6.20), SAP security note 508300

Description

Incorrect behavior in the Internet Communication Manager (ICM).

Available fix and Supported packages

  • SAP_BASIS | 46C | 46D
  • SAP_BASIS | 610 | 640
  • SAP_BASIS 620 | SAPKB62001 |
  • SAP_BASIS 620 | SAPKB62004 |
  • SAP_BASIS 620 | SAPKB62029 |
  • SAP_BASIS 620 | SAPKB62031 |
  • SAP_BASIS 610 | SAPKB61039 |
  • SAP_BASIS 640 | SAPKB64001 |
  • SAP_BASIS 46D | SAPKB46D36 |
  • SAP_BASIS 46C | SAPKB46C48 |
  • SAP_BASIS 610 | SAPKB61040 |
  • SAP_BASIS 620 | SAPKB62040 |
  • SAP_BASIS 620 | SAPKB62042 |
  • SAP_BASIS 610 | SAPKB61041 |
  • SAP_BASIS 620 | SAPKB62044 |
  • SAP_BASIS 640 | SAPKB64011 |
  • SAP_BASIS 620 | SAPKB62048 |

Affected component

    BC-CST-IC
    Internet Communication Manager

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/508300

TAGS

#icm
#icman
#sapwebdisp
#HTTP
#SMTP
#Internet
#HTTP-request
#0d0a
#\r\n
#OOB
#x-forwarded-for
#ClientProtocol
#watchdog-GET
#POST
#HEAD
#PUT
#SSL
#dev_icm
#dev_webdisp
#Softcancel
#cancel

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

Initiating SAP Penetration Testing

►   Pentest, short for penetration testing, refers to a set of processes that simulate an attacker’s actions to identify security vulnerabilities. Companies

SAP Security Patch Day RedRays

May 2024 SAP Security Patch Day

Vulnerability: Multiple vulnerabilities in SAP CX Commerce SAP Component: CEC-SCC-PLA-PL CVE ID: CVE-2019-17495 CVSS Score: 9.8 CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Category: Program error