Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Cross-Tenant Priv Escalation LOD-ESO-AS, SAP security note 1661738

Description

LOD-ESO-AS can be abused by a malicious user via cross tenant privelege escalation. This effects Multi-Tenant systems only

Available fix and Supported packages

  • ESOUSRMJAVASERVER | 5.0 | 5.0
  • ESOUSRMJAVASERVER | 5.1 | 5.1
  • E-SOURCING SRM JAVA SERVER 5.0 | SP000 | 000010
  • SOURCING SRM JAVA SERVER 5.1 | SP010 | 000000

Affected component

    LOD-ESO-AS
    Accounts & Security

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1661738

TAGS

#Cross-Tenant-privelege-vulnerabilty

More to explorer