Description
Security note 1616058 has been rereleased. It previously provided workaround instructions which are no longer valid as corrections are available.
The corrections introduce an incompatible change for the SPML service.
Available fix and Supported packages
- SAP-JEE | 6.40 | 6.40
- SAP-JEE | 7.00 | 7.02
- SAP_JTECHS | 6.40 | 6.40
- SAP_JTECHS | 7.00 | 7.02
- SERVERCORE | 7.10 | 7.10
- SERVERCORE | 7.11 | 7.11
- SERVERCORE | 7.20 | 7.20
- SERVERCORE | 7.30 | 7.30
- SERVERCORE | 7.31 | 7.31
- UMEADMIN | 7.10 | 7.11
- UMEADMIN | 7.20 | 7.20
- UMEADMIN | 7.30 | 7.30
- UMEADMIN | 7.31 | 7.31
- J2EE ENGINE SERVERCORE 7.10 | SP011 | 000011
- J2EE ENGINE SERVERCORE 7.10 | SP012 | 000012
- J2EE ENGINE SERVERCORE 7.10 | SP013 | 000003
- J2EE ENGINE SERVERCORE 7.10 | SP014 | 000001
- J2EE ENGINE SERVERCORE 7.10 | SP015 | 000000
- J2EE ENGINE SERVERCORE 7.11 | SP006 | 000028
- J2EE ENGINE SERVERCORE 7.11 | SP007 | 000010
- J2EE ENGINE SERVERCORE 7.11 | SP008 | 000005
- J2EE ENGINE SERVERCORE 7.11 | SP009 | 000002
- J2EE ENGINE SERVERCORE 7.11 | SP010 | 000000
- J2EE ENGINE SERVERCORE 7.20 | SP003 | 000046
- J2EE ENGINE SERVERCORE 7.20 | SP004 | 000040
- J2EE ENGINE SERVERCORE 7.20 | SP005 | 000017
- J2EE ENGINE SERVERCORE 7.20 | SP006 | 000005
- J2EE ENGINE SERVERCORE 7.20 | SP007 | 000000
- J2EE ENGINE SERVERCORE 7.20 | SP008 | 000000
- J2EE ENGINE SERVERCORE 7.30 | SP001 | 000013
- J2EE ENGINE SERVERCORE 7.30 | SP002 | 000017
- J2EE ENGINE SERVERCORE 7.30 | SP003 | 000012
- J2EE ENGINE SERVERCORE 7.30 | SP004 | 000004
Affected component
- BC-JAS-SEC-UME
User Management Engine
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1631354
