Description
An authenticated user can use functions of BPM to which access should be restricted. This may result in an information leak.
Available fix and Supported packages
- BPEM-HIM | 7.20 | 7.20
- BPEM-HIM | 7.30 | 7.30
- BPEM-HIM | 7.31 | 7.31
- BPEM-HIM | 7.40 | 7.40
- BPEM-HIM | 7.50 | 7.50
- BPEM HUMAN INTERFACE MGMT 7.20 | SP009 | 000010
- BPEM HUMAN INTERFACE MGMT 7.30 | SP011 | 000006
- BPEM HUMAN INTERFACE MGMT 7.30 | SP012 | 000005
- BPEM HUMAN INTERFACE MGMT 7.30 | SP013 | 000001
- BPEM HUMAN INTERFACE MGMT 7.30 | SP014 | 000000
- BPEM HUMAN INTERFACE MGMT 7.30 | SP015 | 000000
- BPEM HUMAN INTERFACE MGMT 7.31 | SP011 | 000008
- BPEM HUMAN INTERFACE MGMT 7.31 | SP012 | 000008
- BPEM HUMAN INTERFACE MGMT 7.31 | SP013 | 000006
- BPEM HUMAN INTERFACE MGMT 7.31 | SP014 | 000009
- BPEM HUMAN INTERFACE MGMT 7.31 | SP015 | 000004
- BPEM HUMAN INTERFACE MGMT 7.31 | SP016 | 000002
- BPEM HUMAN INTERFACE MGMT 7.31 | SP017 | 000000
- BPEM HUMAN INTERFACE MGMT 7.40 | SP006 | 000008
- BPEM HUMAN INTERFACE MGMT 7.40 | SP007 | 000007
- BPEM HUMAN INTERFACE MGMT 7.40 | SP008 | 000005
- BPEM HUMAN INTERFACE MGMT 7.40 | SP009 | 000009
- BPEM HUMAN INTERFACE MGMT 7.40 | SP010 | 000004
- BPEM HUMAN INTERFACE MGMT 7.40 | SP011 | 000002
- BPEM HUMAN INTERFACE MGMT 7.40 | SP012 | 000000
- BPEM HUMAN INTERFACE MGMT 7.50 | SP000 | 000000
Affected component
- BC-BMT-BPM-DSK
Process Desk
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2178356
