Description
Potential directory traversals in applications using physical file names or logical file names as input.
This note provides the additional correction instructions which need to be applied in case you decide not to import the transport request as described in note 1497003. As mentioned in note 1497003 SAP recommends that you import the transport request in order to avoid issues with copy & paste errors or other errors related to manual application or creation of corrections and objects.
Available fix and Supported packages
- SAP_APPL | 31I | 31I
- SAP_APPL | 40B | 40B
- SAP_APPL | 45B | 45B
- SAP_BASIS | 46B | 46C
- SAP_BASIS | 620 | 640
- SAP_BASIS | 700 | 702
- SAP_BASIS | 710 | 730
- SAP_BASIS | 72L | 800
Affected component
- BC-CCM-FIL
Platform independent file names
CVSS
Score: 0
Exploit
Exploit is not available.
For detailed information please contact the mail [email protected].
URL
https://launchpad.support.sap.com/#/notes/1543851
