Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

December 14, 2010
12:00 am

Missing Authorization for Obsolete PFW after import function, SAP security note 1502787

Description

An authenticated user can trigger an obsolete after import functionality in processing framework(PFW) application without required authorization.

Available fix and Supported packages

FSAPPL | 200 | 200
FSAPPL | 300 | 300
BANK-ALYZE | 42 | 42
BANK-ALYZE | 50 | 50
FSAPPL 200 | SAPKISC313 |
FSAPPL 300 | SAPK-30006INFSAPPL |
BANK-ALYZE 42 | SAPKIBAM14 |
BANK-ALYZE 50 | SAPKIBAL21 |

Affected component

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected].

URL

https://launchpad.support.sap.com/#/notes/1502787

TAGS

#PFW-(Processing-framework)After-import-processauthorization-checkAuthorization-object-F_BAP1_PFR(PA-Authorization-for-Processing-Framework-(Runtime)).

More to explorer

Urgent Security Notice

Press release: RedRays discovered major cybersecurity leak affects 4800 domains

June 4, 2023

Yerevan, 4 June 2023 – RedRays, a cybersecurity provider specializing in the protection of ERP systems, has recently made a disturbing discovery.

Urgent Security Notice

Urgent Security Notice: RedRays Discloses Major Data Breach Affecting SAP Customers

June 2, 2023

RedRays has made an alarming discovery through their rigorous internet data monitoring and analysis: significant breaches involving user logins and passwords of

[CVE-2021-33690] Server Side Request Forgery vulnerability in SAP NetWeaver Development Infrastructure

June 1, 2023

Application: SAP NetWeaver AS JavaVersions Affected: SAP NetWeaver Development Infrastructure Component Build Service versions – 7.11, 7.20, 7.30, 7.31, 7.40, 7.50Vendor URL:

Exploring P4 Protocol: Usage, Implementation, and CVE-2021-37535

May 24, 2023

Introduction The P4 protocol is important in Java remote communication, mainly with Java Naming and Directory Interface (JNDI) and Java Remote Method