Skip links

Standard RFC destination for note download can be overridden, SAP security note 2235514

Description

There is a chance to override the standard RFC destination used for downloading the note.

Available fix and Supported packages

  • SAP_BASIS | 700 | 702
  • SAP_BASIS | 710 | 711
  • SAP_BASIS | 730 | 730
  • SAP_BASIS | 731 | 731
  • SAP_BASIS | 740 | 740
  • SAP_BASIS | 750 | 750
  • SAP_BASIS 700 | SAPKB70033 |
  • SAP_BASIS 701 | SAPKB70118 |
  • SAP_BASIS 702 | SAPKB70218 |
  • SAP_BASIS 710 | SAPKB71021 |
  • SAP_BASIS 711 | SAPKB71116 |
  • SAP_BASIS 730 | SAPKB73015 |
  • SAP_BASIS 731 | SAPKB73118 |
  • SAP_BASIS 740 | SAPKB74014 |
  • SAP_BASIS 750 | SAPK-75002INSAPBASIS |

Affected component

    BC-UPG-NA
    SAP Notes Assistant

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2235514

TAGS

#Note-Download
#RFC-overriding
#Note-Assistant

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

Initiating SAP Penetration Testing

►   Pentest, short for penetration testing, refers to a set of processes that simulate an attacker’s actions to identify security vulnerabilities. Companies