Skip links

Missing authorization check in SRM-EBP-ADM-XBP, SAP security note 2079818

Description

An authenticated user can use functions of SRM-EBP-ADM-XBP to which access should be restricted. This may result in an escalation of privileges.

Available fix and Supported packages

  • SRM_SERVER | 713 | 713
  • SRM_SERVER | 714 | 714
  • SRM_SERVER 713 | SAPK-71307INSRMSRV |

Affected component

    SRM-EBP-ADM-XBP
    External Business Partner

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/2079818

TAGS

#Authorization
#authorization-check
#SRM-EBP-ADM-XBP