RedRays SAP Security Team

🔥🔥🔥 Join us for our upcoming training session at Black Hat MEA: "Securing SAP Systems: Expert Insights and Penetration Testing Techniques" 🛡️🔍

April 7, 2017
12:00 am

Missing Authorization check in RDL, SAP security note 2452697

Description

RDL does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

Some well-known impacts of Missing Authorization check are –

abuse functionality restricted to a particular user group
read, modify or delete restricted data

Available fix and Supported packages

FSAPPL | 500 | 500
FSAPPL 500 | SAPK-50006INFSAPPL |

Affected component

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2452697

RedRays SAP Security Team

Missing Authorization check in RDL, SAP security note 2452697

Description

Available fix and Supported packages

Affected component

CVSS

Exploit

URL

TAGS

#Access-control
#Authorization-error
#Authorization-profile

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

RedRays and Cenobe Cybersecurity Announce Strategic Partnership

SAP Security Patch Day – July 2024

Announcement: In-Depth SAP Security Training at BlackHat MEA 2024

SAP Security Patch Day – June 2024

RedRays SAP Security Team

Missing Authorization check in RDL, SAP security note 2452697

Description

Available fix and Supported packages

Affected component

CVSS

Exploit

URL

TAGS

#Access-control#Authorization-error#Authorization-profile

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

RedRays and Cenobe Cybersecurity Announce Strategic Partnership

SAP Security Patch Day – July 2024

Announcement: In-Depth SAP Security Training at BlackHat MEA 2024

SAP Security Patch Day – June 2024

#Access-control
#Authorization-error
#Authorization-profile