Skip links
RedRays - Your SAP Security Solution
RedRays SAP Security Team

RedRays SAP Security Team

🔥🔥🔥 Join us for our upcoming training session at Black Hat MEA: "Securing SAP Systems: Expert Insights and Penetration Testing Techniques" 🛡️🔍

Missing Authorization check in SAP Direct Store Delivery, SAP security note 2580258

Description

SAP Direct Store Delivery does not perform necessary authorization checks. This might allow a user to access data that he/she might not be authorized to access.

Available fix and Supported packages

  • MOBDSDEI | 606 | 606
  • MOBDSDEI | 800 | 800
  • MOBDSDEI | 618 | 618
  • MOBDSDEI 606 | SAPK-60604INMOBDSDEI |
  • MOBDSDEI 800 | SAPK-80001INMOBDSDEI |
  • MOBDSDEI 618 | SAPK-61801INMOBDSDEI |

Affected component

    MOB-APP-ERP-DSD
    SAP Direct Store Delivery

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2580258

TAGS

#Access-control
#Authorization-error
#Authorization-profile

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer