Code injection vulnerability in IS-PRA, SAP security note 1509807

Description

PRA contains code which allows to execute arbitrary program code of the user’s choice.
A malicious user can therefore control the behavior of the system or can potentially escalate privileges by executing malicious code without legitimate own credentials.

Available fix and Supported packages

IS-PRA | 605 | 605

Affected component

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1509807

Arpine Maghakyan

Code injection vulnerability in IS-PRA, SAP security note 1509807

Description

Available fix and Supported packages

Affected component

CVSS

Exploit

URL

TAGS

#Security-Note
#Security-Issue
#Security-Problem
#Vulnerability
#ExploitIS-Oil
#industry-solution
#IS-OIL-PRA
#Oil-and-Gas-Upstream
#Production-and-Revenue-Accounting
#Backdoor
#injection
#run
#credentials
#PDM.

More to explorer

SAP Security Patch Day – April 2024

SAP Security Patch Day – March 2024

SAP Cloud Connector Certificate Validation Issue

Critical XSS Vulnerability Identified in SAP NetWeaver AS Java

Arpine Maghakyan

Code injection vulnerability in IS-PRA, SAP security note 1509807

Description

Available fix and Supported packages

Affected component

CVSS

Exploit

URL

TAGS

#Security-Note#Security-Issue#Security-Problem#Vulnerability#ExploitIS-Oil#industry-solution#IS-OIL-PRA#Oil-and-Gas-Upstream#Production-and-Revenue-Accounting#Backdoor#injection#run#credentials#PDM.

More to explorer

SAP Security Patch Day – April 2024

SAP Security Patch Day – March 2024

SAP Cloud Connector Certificate Validation Issue

Critical XSS Vulnerability Identified in SAP NetWeaver AS Java

#Security-Note
#Security-Issue
#Security-Problem
#Vulnerability
#ExploitIS-Oil
#industry-solution
#IS-OIL-PRA
#Oil-and-Gas-Upstream
#Production-and-Revenue-Accounting
#Backdoor
#injection
#run
#credentials
#PDM.