Description
A malicious user can exploit the database interface for the IPC and use specially crafted inputs to execute arbitrary database commands to retrieve, modify, or remove data persisted by the system.
Available fix and Supported packages
- BBPCRM | 400 | 400
- BBPCRM | 500 | 500
- BBPCRM | 510 | 510
- BBPCRM | 520 | 520
- BBPCRM | 600 | 600
- BBPCRM | 700 | 700
- BBPCRM | 701 | 701
- BBPCRM 400 | SAPKU40018 |
- BBPCRM 500 | SAPKU50017 |
- BBPCRM 520 | SAPKU52010 |
- BBPCRM 600 | SAPKU60008 |
- BBPCRM 701 | SAPKU70102 |
- BBPCRM 700 | SAPKU70008 |
Affected component
- CRM-BF-CFG
Product Configuration
CVSS
Score: 0
Exploit
Exploit is not available.
For detailed information please contact the mail [email protected].
URL
https://launchpad.support.sap.com/#/notes/1484918