Description
An attacker can use specially crafted inputs to modify database commands, resulting in the retrieval of additional information persisted by the system.
Available fix and Supported packages
- C-CEE | 110_600 | 110_600
- C-CEE | 110_602 | 110_602
- C-CEE | 110_603 | 110_603
- C-CEE | 110_604 | 110_604
- C-CEE | 110_700 | 110_700
- C-CEE | 110_720 | 110_720
- C-CEE 110_604 | SAPK-60426INCCEE |
- C-CEE 110_700 | SAPK-70003INCCEE |
- C-CEE 110_720 | SAPK-72001INCCEE |
- C-CEE 110_600 | SAPK-11043INCCEE |
- C-CEE 110_602 | SAPK-60229INCCEE |
- C-CEE 110_603 | SAPK-60329INCCEE |
Affected component
- XX-CSC-GR-FI
Financial Accounting
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2155978