Skip links

Code injection vulnerability in FS-BA-SRV, SAP security note 1580130

Description

FS-BA-SRV contains code that permits the execution of arbitrary program code of the user’s choice.
A malicious user can therefore control the behavior of the system, or can potentially  escalate privileges by executing malicious code, without having their own legitimate credentials.

Available fix and Supported packages

  • FSAPPL | 300 | 300
  • FSAPPL 300 | SAPK-30008INFSAPPL |

Affected component

    FS-BA-SRV
    Services

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1580130

TAGS

#Backdoor
#injection
#run
#credentials
#FS-BA-SRV