Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Potential information disclosure in incident tasks, SAP security note 1802680

Description

Component: Incident Management
Module:Incident Recording

This SAP Note is a prerequisite for SAP Note 1804016.
Incident tasks can potentially reveal information to people who do not have the appropriate access level assigned to their users.

Available fix and Supported packages

  • EHSM | 200 | 200
  • EHSM | 300 | 300
  • EHSM 200 | SAPK-20004INEHSM |
  • EHSM 300 | SAPK-30003INEHSM |

Affected component

    EHS-MGM-INC
    Incident Management

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1802680

TAGS

#EHSM200SP04INCEHSM300SP03INC-Incident
#tasks
#Information-disclosure

More to explorer

SAP Cloud Connector Certificate Validation Issue

Date of Release: February 13, 2024 Advisory ID: CVE-2024-25642 Affected Software: SAP Cloud Connector Versions Affected: 2.15.0 to 2.16.1 Vulnerability Summary:A critical vulnerability,