Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

MM Potential directory traversal, SAP security note 1599261

Description

Potential directory traversal vulnerabilities in materials management (MM)

Available fix and Supported packages

  • SAP_APPL | 31I | 31I
  • SAP_APPL | 40B | 40B
  • SAP_APPL | 45B | 45B
  • SAP_APPL | 46B | 46B
  • SAP_APPL | 46C | 46C
  • SAP_APPL | 470 | 470
  • SAP_APPL | 500 | 500
  • SAP_APPL | 600 | 600
  • SAP_APPL | 602 | 602
  • SAP_APPL | 603 | 603
  • SAP_APPL | 604 | 604
  • SAP_APPL | 605 | 605
  • SAP_APPL 31I | SAPKH31IB9 |
  • SAP_APPL 40B | SAPKH40B89 |
  • SAP_APPL 45B | SAPKH45B67 |
  • SAP_APPL 46B | SAPKH46B62 |
  • SAP_APPL 600 | SAPKH60020 |
  • SAP_APPL 602 | SAPKH60210 |
  • SAP_APPL 603 | SAPKH60309 |
  • SAP_APPL 604 | SAPKH60410 |
  • SAP_APPL 46C | SAPKH46C63 |
  • SAP_APPL 470 | SAPKH47037 |
  • SAP_APPL 500 | SAPKH50026 |
  • SAP_APPL 605 | SAPKH60506 |
  • SAP_APPL 600 | SAPKH60021 |
  • SAP_APPL 602 | SAPKH60211 |
  • SAP_APPL 603 | SAPKH60310 |
  • SAP_APPL 604 | SAPKH60411 |

Affected component

    MM-PUR-PO
    Purchase Orders

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1599261

TAGS

#RM06EEEX
#RM06EET1

More to explorer

SAP Cloud Connector Certificate Validation Issue

Date of Release: February 13, 2024 Advisory ID: CVE-2024-25642 Affected Software: SAP Cloud Connector Versions Affected: 2.15.0 to 2.16.1 Vulnerability Summary:A critical vulnerability,