A malicious user can exploit ESFUtil API and use specially crafted inputs to modify data-base commands, resulting in the retrieval of additional information persisted by the system.
Available fix and Supported packages
- SAP_BASIS | 711 | 711
- SAP_BASIS | 72L | 72L
- SAP_BASIS 711 | SAPKB71107 |
Supportability Tools (TestShell, ESFUtil)
Exploit is not available.
For detailed information please contact the mail [email protected]