Description
A malicious user can exploit CRM Middleware and use specially crafted inputs to retrieve additional information persisted by the system.
Available fix and Supported packages
- PI_BASIS | 2004_1_620 | 2004_1_640
- PI_BASIS | 2005_1_620 | 2005_1_700
- PI_BASIS | 2006_1_620 | 2006_1_710
- PI_BASIS | 701 | 702
- PI_BASIS | 711 | 730
- PI | 2004_1_46C | 2004_1_46C
- PI_BASIS 701 | SAPK-70108INPIBASIS |
- PI_BASIS 2005_1_620 | SAPKIPYJ5M |
- PI_BASIS 2006_1_620 | SAPKIPYK12 |
- PI_BASIS 730 | SAPK-73002INPIBASIS |
- PI_BASIS 2006_1_710 | SAPKIPYN12 |
- PI_BASIS 702 | SAPK-70207INPIBASIS |
- PI_BASIS 711 | SAPK-71107INPIBASIS |
- PI_BASIS 2005_1_640 | SAPKIPYJ6M |
- PI_BASIS 2006_1_640 | SAPKIPYL12 |
- PI_BASIS 2005_1_700 | SAPKIPYJ7O |
- PI_BASIS 2006_1_700 | SAPKIPYM14 |
- PI 2004_1_46C | SAPKIPZI4J |
Affected component
- CRM-MW-ADP
Middleware Adapter
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1502607
