Description
A user can perform administrative actions in an expert application used for XI product support, without the user having modification rights. A user with display rights is currently sufficient.
This application provides the possibility to show logs from the Message Archiving and logs from the data aggregation job of the Message Overview. It’s not indended to be used by customers, only by support experts.
Available fix and Supported packages
- SAP_XIAF | 7.00 | 7.02
- SAP_XIAF | 7.10 | 7.11
- SAP_XIAF | 7.20 | 7.20
- SAP_XIAF | 7.30 | 7.30
- XI ADAPTER FRAMEWORK 7.00 | SP021 | 000000
- XI ADAPTER FRAMEWORK 7.01 | SP006 | 000000
- XI ADAPTER FRAMEWORK 7.02 | SP002 | 000000
- XI ADAPTER FRAMEWORK 7.10 | SP010 | 000000
- XI ADAPTER FRAMEWORK 7.11 | SP005 | 000000
Affected component
- BC-XI-IS-WKB
Runtime Workbench / Monitoring
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1386926
