Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Update #1 to Security Note 1523808, SAP security note 1562119

Description

The correction instructions provided for the vulnerability (missing authorization checks in CATT / eCATT) addressed in Security Note 1523808 must be corrected for the following releases:
– SAP_BASIS 730
– SAP_BASIS 720
– SAP_BASIS 711
– SAP_BASIS 710
– SAP_BASIS 702
– SAP_BASIS 701
– SAP_BASIS 700
– SAP_BASIS 640
– SAP_BASIS 620

The corrected correction instructions have been added to this note.

Available fix and Supported packages

  • SAP_BASIS | 620 | 640
  • SAP_BASIS | 700 | 702
  • SAP_BASIS | 710 | 730

Affected component

    BC-TWB-TST-CAT
    CATT Computer Aided Test Tool

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1562119

TAGS

#Authorization
#authorization-check
#CAT_CHECK_TABLE
#update
#update-note

More to explorer

SAP Cloud Connector Certificate Validation Issue

Date of Release: February 13, 2024 Advisory ID: CVE-2024-25642 Affected Software: SAP Cloud Connector Versions Affected: 2.15.0 to 2.16.1 Vulnerability Summary:A critical vulnerability,

Protect Your SAP with RedRays Security Platform

Explore the Power of Our Scanner with an Interactive Prototype Below