Skip links

Dir. Traversal in Physical inventory processing, SAP security note 1536809

Description

Potential Directory Traversal in the component SCM-EWM-PI and following transactions:

  • /SCWM/PI_UPLOAD – Upload Storage Bins and Count Data
  • /SCWM/PI_DOWNLOAD – Download Storage Bins and Count Data
  • /SCWM/PI_SAMP_STOCK – Download Stock Population
  • /SCWM/PI_SAMP_CR – Upload Sample to Create PI Documents
  • /SCWM/PI_SAMP_UPDATE – Download Results or Stock Population

Available fix and Supported packages

  • SCM | 500 | 500
  • SCMEWM | 510 | 510
  • SCMEWM | 700 | 700
  • SCMEWM | 701 | 701
  • SCM 500 | SAPKY50019 |
  • SCMEWM 510 | SAPK-51015INSCMEWM |
  • SCMEWM 700 | SAPK-70009INSCMEWM |
  • SCMEWM 701 | SAPK-70104INSCMEWM |

Affected component

    SCM-EWM-PI
    Physical Inventory

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1536809

TAGS

#Path-traversal