Missing Authorization check in SAP Direct Store Delivery, SAP security note 2580258

Description

SAP Direct Store Delivery does not perform necessary authorization checks. This might allow a user to access data that he/she might not be authorized to access.

Available fix and Supported packages

MOBDSDEI | 606 | 606
MOBDSDEI | 800 | 800
MOBDSDEI | 618 | 618
MOBDSDEI 606 | SAPK-60604INMOBDSDEI |
MOBDSDEI 800 | SAPK-80001INMOBDSDEI |
MOBDSDEI 618 | SAPK-61801INMOBDSDEI |

Affected component

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2580258

Vahagn Vardanian

Missing Authorization check in SAP Direct Store Delivery, SAP security note 2580258

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#Access-control
#Authorization-error
#Authorization-profile

Explore More

Redis CVE-2023-36824 – How to Reproduce the Vulnerability

Redis CVE-2024-31449: How to Reproduce and Mitigate the Vulnerability

Reproducing CVE-2024-10979: A Step-by-Step Guide

SAP Security Patch Day – November 2024

Vahagn Vardanian

Missing Authorization check in SAP Direct Store Delivery, SAP security note 2580258

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#Access-control#Authorization-error#Authorization-profile

Explore More

Redis CVE-2023-36824 – How to Reproduce the Vulnerability

Redis CVE-2024-31449: How to Reproduce and Mitigate the Vulnerability

Reproducing CVE-2024-10979: A Step-by-Step Guide

SAP Security Patch Day – November 2024

Special offer for SAP Security Udemy course!

$ 9.99

#Access-control
#Authorization-error
#Authorization-profile