Skip links
Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

Potential denial of service in Options, SAP security note 1500726

Description

A malicious user can remotely exploit /SAPPSSRM/CL_COPY_SAP_STRUC class and render it unavailable, as well as potentially the resources that are used to serve /SAPPSSRM/CL_COPY_SAP_STRUC class.

Available fix and Supported packages

  • SRM_SERVER | 550 | 550
  • SRM_SERVER | 600 | 600
  • SRM_EXT | 700 | 700
  • SRM_EXT | 701 | 701
  • SRM_SERVER 600 | SAPKIBKU06 |
  • SRM_SERVER 550 | SAPKIBKT18 |
  • SRM_EXT 700 | SAPK-70010INSRMEXT |
  • SRM_EXT 701 | SAPK-70103INSRMEXT |

Affected component

    PSM-GPR-OPT
    Options

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1500726

TAGS

#SRM
#Supplier-Relationship-Management
#PPS
#Procurement-for-Public-Sector
#Optional-Line-Items
#Options
#DoS
#Denial-of-Service

Explore More

Special offer for SAP Security Udemy course!

$ 9.99

Join “SAP Security Core Concepts and Security Administration” which is part of the Blackhat course series.