Skip links

Directory traversal in SAP CRM Mobile Sales (IPC Server), SAP security note 1673455

Description

The IPC server used by SAP CRM Mobile Sales contains a vulnerability through which an attacker can potentially read or write arbitrary files on the remote server, possibly disclosing confidential information, or corrupting data or altering system behaviour.

Available fix and Supported packages

  • SAP-IPCMSA | 5.0 | 5.0
  • SAP-IPCMSA | 6.0 | 6.0
  • SAP-IPCMSA | 700 | 700
  • SAP-IPCMSA | 701 | 701
  • SAP-IPCMSA | 702 | 702
  • CRM IPC MOBILE 5.0 | SP019 | 000023
  • CRM IPC MOBILE 6.0 | SP009 | 000002
  • CRM IPC MOBILE 7.0 | SP010 | 000002
  • CRM IPC MOBILE 7.01 | SP006 | 000000
  • CRM IPC MOBILE 7.01 | SP007 | 000001
  • CRM IPC MOBILE 7.02 | SP001 | 000002
  • CRM IPC MOBILE 7.02 | SP003 | 000000

Affected component

    CRM-BF-CFG
    Product Configuration

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1673455

TAGS

#Directory-traversal
#IPC
#MSA