PRA contains code that permits the execution of arbitrary program code of the user#s choice.
A malicious user can therefore control the behavior of the system, or can potentially escalate privileges by executing malicious code, without having their own legitimate credentials.
A malicious user can exploit PRA(Production and revenue accounting) and use specially crafted inputs to modify data-base commands. This results in either the retrieval of additional information, or the modification of data persisted by the system.
Available fix and Supported packages
- IS-OIL | 600 | 600
- IS-OIL | 602 | 602
- IS-OIL | 603 | 603
- IS-PRA | 604 | 604
- IS-PRA | 605 | 605
- IS-OIL 600 | SAPK-60019INISOIL |
- IS-OIL 602 | SAPK-60209INISOIL |
- IS-OIL 603 | SAPK-60308INISOIL |
- IS-PRA 604 | SAPK-60409INISPRA |
- IS-PRA 605 | SAPK-60503INISPRA |
Production and Revenue Accounting
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.