Description
XX-CSC-RO-FI allows an attacker to execute crafted database queries, exposing the backend database.
Some well-known impacts of SQL Injection vulnerability are –
- read sensitive data , modify or delete data from database
- execute admin level operations on database
Available fix and Supported packages
- C-CEE | 110_600 | 110_600
- C-CEE | 110_602 | 110_602
- C-CEE | 110_603 | 110_603
- C-CEE | 110_604 | 110_604
- C-CEE | 110_700 | 110_700
- C-CEE | 110_720 | 110_720
- C-CEE 110_604 | SAPK-60426INCCEE |
- C-CEE 110_700 | SAPK-70003INCCEE |
- C-CEE 110_720 | SAPK-72001INCCEE |
- C-CEE 110_600 | SAPK-11043INCCEE |
- C-CEE 110_602 | SAPK-60229INCCEE |
- C-CEE 110_603 | SAPK-60329INCCEE |
Affected component
- XX-CSC-RO-FI
Financial Accounting
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/2157355
