Description
This security note has been updated. For more detailed information,
see Security Notes 1567901, 1572616.
A malicious user can trigger functionality in PLM-CFO without authentication and authorization.
Available fix and Supported packages
- CPROJECTS | 310_620 | 310_640
- CPRXRPM | 400 | 400
- CPRXRPM | 450_700 | 450_700
- CPRXRPM | 500_702 | 500_702
- CPROJECTS 310_620 | SAPK-31219INCPROJECT |
- CPROJECTS 310_640 | SAPK-31419INCPROJECT |
- CPROJECTS 310_620 | SAPK-31220INCPROJECT |
- CPROJECTS 310_640 | SAPK-31420INCPROJECT |
- CPRXRPM 450_700 | SAPK-45010INCPRXRPM |
- CPRXRPM 400 | SAPK-40019INCPRXRPM |
- CPRXRPM 500_702 | SAPK-50004INCPRXRPM |
- CPRXRPM 500_702 | SAPK-50005INCPRXRPM |
- CPRXRPM 450_700 | SAPK-45011INCPRXRPM |
Affected component
- PLM-CFO
Collaboration Folders
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1515151
