Description
As part of an original requirement for the DUET PUMA scenario, SRM provides a function module, which is called by the DUET server to retrieve budget information for a given shopping cart. Based on an initial limitation for the DUET server, this function module had to provide importing parameters. However, this creates a security issue where a malicious user can abuse this parameter and see budget information for which he is not authorized.
Vulnerability Details:
The malicious user can call this function module and fill the parameter with a value, that gives him the authorization to see the budget information, although he does not have this authorization and should not be able to see this kind of information.
Affected Releases:
SAP SRM 5.0
SAP SRM 6.0
SAP SRM 7.0
Available fix and Supported packages
- SRM_SERVER | 550 | 550
- SRM_SERVER | 600 | 600
- SRM_SERVER | 700 | 700
- SRM_SERVER 600 | SAPKIBKU06 |
- SRM_SERVER 550 | SAPKIBKT16 |
- SRM_SERVER 700 | SAPKIBKV06 |
Affected component
- SRM-OSP
SRM Duet / Office Applications
CVSS
Score: 0
Exploit
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1426388
