Skip links

Potential information disclosure in incident tasks, SAP security note 1802680

Description

Component: Incident Management
Module:Incident Recording

This SAP Note is a prerequisite for SAP Note 1804016.
Incident tasks can potentially reveal information to people who do not have the appropriate access level assigned to their users.

Available fix and Supported packages

  • EHSM | 200 | 200
  • EHSM | 300 | 300
  • EHSM 200 | SAPK-20004INEHSM |
  • EHSM 300 | SAPK-30003INEHSM |

Affected component

    EHS-MGM-INC
    Incident Management

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1802680

TAGS

#EHSM200SP04INCEHSM300SP03INC-Incident
#tasks
#Information-disclosure

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

Initiating SAP Penetration Testing

►   Pentest, short for penetration testing, refers to a set of processes that simulate an attacker’s actions to identify security vulnerabilities. Companies