SAP Gateway allows an attacker to upload any file (including script files) without proper file format validation.
Some well-known impacts of Unrestricted File Upload vulnerability are –
- malicious file insertion or modification
- make the Web site vulnerable to some other attacks such as XSS
Available fix and Supported packages
- SAP_GWFND | 750 | 750
- SAP_GWFND | 751 | 751
- SAP_GWFND | 752 | 752
- SAP_GWFND | 753 | 753
- SAP_BASIS | 773 | 773
- SAP_GWFND 751 | SAPK-75107INSAPGWFND |
- SAP_GWFND 752 | SAPK-75203INSAPGWFND |
- SAP_GWFND 750 | SAPK-75013INSAPGWFND |
- SAP_GWFND 753 | SAPK-75301INSAPGWFND |
- | SAPK-773BHINSAPBASIS |
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.