Skip links
RedRays - Your SAP Security Solution
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Potential denial of service in Options, SAP security note 1500726

Description

A malicious user can remotely exploit /SAPPSSRM/CL_COPY_SAP_STRUC class and render it unavailable, as well as potentially the resources that are used to serve /SAPPSSRM/CL_COPY_SAP_STRUC class.

Available fix and Supported packages

  • SRM_SERVER | 550 | 550
  • SRM_SERVER | 600 | 600
  • SRM_EXT | 700 | 700
  • SRM_EXT | 701 | 701
  • SRM_SERVER 600 | SAPKIBKU06 |
  • SRM_SERVER 550 | SAPKIBKT18 |
  • SRM_EXT 700 | SAPK-70010INSRMEXT |
  • SRM_EXT 701 | SAPK-70103INSRMEXT |

Affected component

    PSM-GPR-OPT
    Options

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1500726

TAGS

#SRM
#Supplier-Relationship-Management
#PPS
#Procurement-for-Public-Sector
#Optional-Line-Items
#Options
#DoS
#Denial-of-Service

More to explorer

SAP Cloud Connector Certificate Validation Issue

February 13, 2024

Date of Release: February 13, 2024 Advisory ID: CVE-2024-25642 Affected Software: SAP Cloud Connector Versions Affected: 2.15.0 to 2.16.1 Vulnerability Summary:A critical vulnerability,