Description
An authenticated user can use functions of DMIS_CNT and DMIS_BSC to which access should be restricted. This may result in an escalation of privileges.
Available fix and Supported packages
- DMIS_CNT | 2006_1_620 | 2006_1_620
- DMIS_CNT | 2006_1_640 | 2006_1_640
- DMIS_CNT | 2006_1_700 | 2006_1_700
- DMIS_CNT | 2011_1_620 | 2011_1_620
- DMIS_CNT | 2011_1_640 | 2011_1_640
- DMIS_CNT | 2011_1_700 | 2011_1_700
- DMIS_CNT | 2011_1_710 | 2011_1_710
- DMIS_CNT | 2011_1_730 | 2011_1_730
- DMIS_CNT | 2011_1_731 | 2011_1_731
- DMIS_CNT | 2012_1_620 | 2012_1_620
- DMIS_CNT | 2012_1_640 | 2012_1_640
- DMIS_CNT | 2012_1_700 | 2012_1_700
- DMIS_BSC | 2008_1_620 | 2008_1_620
- DMIS_BSC | 2008_1_640 | 2008_1_640
- DMIS_BSC | 2008_1_700 | 2008_1_700
- DMIS_CNT 2006_1_620 | SAPK-61525INDMISCNT |
- DMIS_CNT 2006_1_640 | SAPK-61625INDMISCNT |
- DMIS_CNT 2006_1_700 | SAPK-61725INDMISCNT |
- DMIS_CNT 2011_1_620 | SAPK-11109INDMISCNT |
- DMIS_CNT 2011_1_640 | SAPK-11209INDMISCNT |
- DMIS_CNT 2011_1_700 | SAPK-11309INDMISCNT |
- DMIS_CNT 2011_1_710 | SAPK-11409INDMISCNT |
- DMIS_CNT 2011_1_730 | SAPK-11509INDMISCNT |
- DMIS_CNT 2011_1_731 | SAPK-11609INDMISCNT |
- DMIS_BSC 2008_1_620 | SAPK-81516INDMISBSC |
- DMIS_BSC 2008_1_640 | SAPK-81616INDMISBSC |
- DMIS_BSC 2008_1_700 | SAPK-81716INDMISBSC |
Affected component
- CA-TDM
Test Data Migration Server (SAP TDMS)
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2115610