Picture of Vahagn Vardanian

Vahagn Vardanian

Co-founder and CTO of RedRays

December 14, 2010
12:00 am

Potential directory traversals in batch input programs, SAP security note 1509179

Description

Potential directory traversals in batch input programs RJBDBTC3, RJBDBTC2, RJBDBTC1, MJBEHF01.

Available fix and Supported packages

EA-FINSERV | 110 | 110
EA-FINSERV | 200 | 200
EA-FINSERV | 500 | 500
EA-FINSERV | 600 | 600
EA-FINSERV | 603 | 603
EA-FINSERV | 604 | 604
EA-FINSERV | 605 | 605
BANK/CFM | 463_20 | 463_20
EA-FINSERV 500 | SAPKGPFC24 |
EA-FINSERV 600 | SAPKGPFD19 |
EA-FINSERV 603 | SAPK-60308INEAFINSRV |
EA-FINSERV 604 | SAPK-60409INEAFINSRV |
EA-FINSERV 605 | SAPK-60503INEAFINSRV |
EA-FINSERV 110 | SAPKGPFA32 |
EA-FINSERV 200 | SAPKGPFB21 |
BANK/CFM 463_20 | SAPKIPBJ40 |

Affected component

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1509179

TAGS

#Directory-traversal
#FILE_VALIDATE_NAME
#FILE
#VALIDATION_FAILED
#RJBDBTC3
#RJBDBTC2
#RJBDBTC1
#MJBEHF01

Explore More

SAP Security Training – Why Businesses Can’t Ignore It Anymore

July 31, 2025

The moment a company decides to run its finance, logistics or human-resources data on SAP, it gains a powerhouse of efficiency –

SAP Security Patch Day – July 2025

July 9, 2025

On July 8, 2025, SAP released its monthly security updates affecting 27 components. This month includes 5 HotNews notes (CVSS ≥ 9.0)

Registration Open: SAP Security Training – August 2025 | Limited Seats

June 20, 2025

Discover vulnerabilities through the eyes of an attacker In today’s digital landscape, SAP systems form the backbone of critical business operations for

[PoC][CVE-2025-25243] Path Traversal Vulnerability in SAP SRM

June 20, 2025

Advisory ID: REDRAYS-2025-091 CVE ID: CVE-2025-25243 Severity: High (CVSS v3.0: 8.6/10) Affected Product: SAP Supplier Relationship Management (Master Data Management Catalog) Publication