Skip links

Unauthorized read-access to database, SAP security note 1496092

Description

ILM handling requires a generic access option not only for archived data but also for other data. This poses the risk of an unauthorized read access to the database.

Available fix and Supported packages

  • SAP_BASIS | 702 | 702
  • SAP_BASIS | 730 | 730
  • SAP_BASIS 702 | SAPKB70205 |
  • SAP_BASIS 730 | SAPKB73001 |

Affected component

    BC-ILM-IRM
    Information Retention Manager

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1496092

TAGS

#Archiving
#ILM
#rule-interpretation

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

Initiating SAP Penetration Testing

►   Pentest, short for penetration testing, refers to a set of processes that simulate an attacker’s actions to identify security vulnerabilities. Companies