Skip links
RedRays
Published in: sap note

J2EE Security vulnerability by unprotected HTTP PUT method, SAP security note 604285

Author
Published on:

Description

By default there are no restrictions for the HTTP PUT method.
Also, authentication is not required if you try to upload a file.

Available fix and Supported packages

  • SAP-JEE | 6.20 | 6.20

Affected component

    BC-JAS-WEB
    Web Container, HTTP, JavaMail, Servlets

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/604285

TAGS

#J2EE
#PUT

You may also like