Skip links

Connection to Virus Scan Interface in CA-GTF-IC-CHA, SAP security note 1699357

Description

In the Integrated Communication Interface Mail Channel the connection to the Virus Scan Interface is missing. This can allow a malicious user to upload malicious content to the server, and possibly thereby trick legitimate users into downloading its content.

Available fix and Supported packages

  • SAP_ABA | 700 | 700
  • CRMUIF | 520 | 520
  • CRMUIF | 600 | 600
  • BBPCRM | 702 | 702
  • BBPCRM | 712 | 712
  • WEBCUIF | 700 | 700
  • WEBCUIF | 701 | 701
  • WEBCUIF | 731 | 731
  • WEBCUIF | 730 | 730
  • WEBCUIF | 746 | 746
  • CRMIS | 400 | 400
  • SAP_ABA 700 | SAPKA70028 |
  • SAP_ABA 700 | SAPKA70029 |
  • CRMUIF 520 | SAPK-52013INCRMUIF |
  • CRMUIF 600 | SAPK-60016INCRMUIF |
  • BBPCRM 702 | SAPKU70204 |
  • BBPCRM 712 | 712 |
  • WEBCUIF 731 | SAPK-73104INWEBCUIF |
  • WEBCUIF 746 | 746 |
  • WEBCUIF 700 | SAPK-70013INWEBCUIF |
  • WEBCUIF 701 | SAPK-70110INWEBCUIF |
  • WEBCUIF 730 | SAPK-73005INWEBCUIF |
  • CRMIS 400 | SAPK-40013INCRMIS |

Affected component

    CA-GTF-IC-CHA
    use CRM-IC-CHA(Communication Channels)

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1699357

TAGS

#Virus-Scan-Profile
#Virus-Scan
#Virus-Scan-Interface