Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Missing authorization check in credit standing review- cards, SAP security note 1584857

Description

An authenticated user can use functions of the credit standing review to which access should be restricted. This may result in an escalation of privileges.

Available fix and Supported packages

  • FSAPPL | 100 | 100
  • FSAPPL | 200 | 200
  • FSAPPL | 300 | 300
  • FSAPPL | 400 | 400
  • FSAPPL 200 | SAPKISC316 |
  • FSAPPL 300 | SAPK-30009INFSAPPL |
  • FSAPPL 100 | SAPKISC216 |
  • FSAPPL 400 | SAPK-40001INFSAPPL |

Affected component

    FS-AM-CM-CA
    Card

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1584857

TAGS

#Authorization
#authorization-check
#credit-standing-review-for-cards

More to explorer