Description
You can call certain transactions from the ABAP keyword documentation display without the authorization to start the transaction being checked.
Comment:
The other authorization checks for the transactions run as expected.
Available fix and Supported packages
- SAP_BASIS | 46C | 46D
- SAP_BASIS | 610 | 640
- SAP_BASIS 46C | SAPKB46C49 |
- SAP_BASIS 640 | SAPKB64010 |
- SAP_BASIS 46D | SAPKB46D39 |
- SAP_BASIS 610 | SAPKB61042 |
- SAP_BASIS 620 | SAPKB62047 |
- SAP KERNEL 4.6D 32-BIT | SP2356 | 002356
- SAP KERNEL 4.6D 64-BIT | SP2356 | 002356
- SAP KERNEL 4.6D 64-BIT | SP2364 | 002364
- SAP KERNEL 4.6D_EXT 32-BIT | SP2356 | 002356
- SAP KERNEL 4.6D_EXT 32-BIT | SP2364 | 002364
- SAP KERNEL 4.6D_EXT 64-BIT | SP2356 | 002356
- SAP KERNEL 4.6D_EXT 64-BIT | SP2357 | 002357
- SAP KERNEL 4.6D_EXT 64-BIT | SP2364 | 002364
- SAP KERNEL 7.00 32-BIT | SP137 | 000137
- SAP KERNEL 7.00 32-BIT UNICODE | SP137 | 000137
- SAP KERNEL 7.00 64-BIT | SP137 | 000137
- SAP KERNEL 7.00 64-BIT UNICODE | SP137 | 000137
Affected component
- BC-ABA-LA
Syntax, Compiler, Runtime
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/787151
