Skip links
RedRays
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

PI SEC Security vulnerabilities found in Apache Commons Collections library used in Enterprise Services Repository, SAP security note 2246851

Description

Enterprise Services Repository (ESR) uses a version of Apache Commons Collections, for which security vulnerabilities have been detected.

Available fix and Supported packages

  • SAP_XIESR | 7.30 | 7.30
  • SAP_XIESR | 7.31 | 7.31
  • SAP_XIESR | 7.40 | 7.40
  • SAP_XIESR | 7.50 | 7.50
  • ESR 7.30 | SP011 | 000013
  • ESR 7.30 | SP012 | 000013
  • ESR 7.30 | SP013 | 000008
  • ESR 7.30 | SP014 | 000001
  • ESR 7.30 | SP015 | 000000
  • ESR 7.31 | SP014 | 000022
  • ESR 7.31 | SP015 | 000011
  • ESR 7.31 | SP016 | 000007
  • ESR 7.31 | SP017 | 000003
  • ESR 7.31 | SP018 | 000000
  • ESR 7.40 | SP009 | 000019
  • ESR 7.40 | SP010 | 000011
  • ESR 7.40 | SP011 | 000006
  • ESR 7.40 | SP012 | 000003
  • ESR 7.40 | SP013 | 000000
  • ESR 7.50 | SP000 | 000003
  • ESR 7.50 | SP001 | 000002
  • ESR 7.50 | SP002 | 000000
  • ESR 7.50 | SP003 | 000000

Affected component

    BC-XI-IBD
    Integration Builder – Design

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/2246851

TAGS

#Process-Integration
#ESR
#OSS
#remote-code-injection
#denial-of-service
#java-serialization-vulnerability

More to explorer