Skip links

Filtering user input when working with MEQUI index table, SAP security note 1507903

Description

Potential disclosure or modification of persisted data working with Master Equipment index table in the Defense Line Maintenance area

Available fix and Supported packages

  • EA-DFPS | 604 | 604
  • EA-DFPS | 605 | 605
  • EA-DFPS 604 | SAPK-60409INEADFPS |
  • EA-DFPS 605 | SAPK-60503INEADFPS |

Affected component

    IS-DFS-LM
    Line Maintenance

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1507903

TAGS

#A-malicious-user-can-exploit-the-Read/Write-routines-of-the-Master-Equipment-Index-Table-functionality-and-use-specially-crafted-inputs-to-modify-database-commands
#resulting-in-either-the-retrieval-of-additional-information-or-modification-of-data-persisted-by-the-system.