Description
When maintaining planning version dependend location data in transaction /SAPAPO/LOC3 there is no authorization check on the planning version. It is not checked wether the user has the authorization to maintain the version dependend data.
Available fix and Supported packages
- SAP_APO | 30A | 30A
- SAP_APO | 310 | 310
- SCM | 400 | 400
- SCM | 410 | 410
- SCM | 500 | 500
- SCM_BASIS | 510 | 510
- SCM_BASIS | 700 | 700
- SAP_APO 30A | SAPKY30A32 |
- SAP_APO 310 | SAPKY31027 |
- SCM 400 | SAPKY40022 |
- SCM 500 | SAPKY50016 |
- SCM 410 | SAPKY41020 |
- SCM_BASIS 700 | SAPK-70003INSCMBASIS |
- SCM_BASIS 510 | SAPK-51013INSCMBASIS |
Affected component
- SCM-APO-MD-LO
Location
CVSS
Score: 0
Exploit
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1294675
