Description
A malicious user can trigger functionality in CRM-MD-BP-PCU without authentication and authorization.
Available fix and Supported packages
- BBPCRM | 400 | 400
- BBPCRM | 500 | 500
- BBPCRM | 520 | 520
- BBPCRM | 600 | 600
- BBPCRM | 700 | 700
- BBPCRM | 701 | 701
- BBPCRM | 702 | 702
- BBPCRM | 712 | 712
- BBPCRM 400 | SAPKU40018 |
- BBPCRM 520 | SAPKU52011 |
- BBPCRM 500 | SAPKU50020 |
- BBPCRM 600 | SAPKU60011 |
- BBPCRM 700 | SAPKU70011 |
- BBPCRM 701 | SAPKU70107 |
Affected component
- CRM-MD-BP-PCU
People-Centric UI (Business Partner)
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1599075