Description
An attacker can be authenticated to the IPC server used by SAP CRM Mobile Sales without having their own legitimate credentials, or they may escalate privileges.
Available fix and Supported packages
- SAP-IPCMSA | 5.0 | 5.0
- SAP-IPCMSA | 6.0 | 6.0
- SAP-IPCMSA | 700 | 700
- SAP-IPCMSA | 701 | 701
- CRM IPC MOBILE 6.0 | SP009 | 000001
- CRM IPC MOBILE 7.0 | SP010 | 000001
- CRM IPC MOBILE 7.01 | SP006 | 000000
- CRM IPC MOBILE 7.01 | SP007 | 000001
- CRM IPC MOBILE 7.02 | SP001 | 000002
- CRM IPC MOBILE 7.02 | SP003 | 000000
- CRM IPC MOBILE 7.30 | SP000 | 000004
- CRM IPC MOBILE 7.31 | SP000 | 000001
- CRM IPC MOBILE 7.32 | SP002 | 000001
- CRM JAVA APPLICATIONS 5.0 | SP019 | 000021
- SAP SHARED JAVA APPLIC. 5.0 | SP019 | 000021
Affected component
- CRM-IPC
Internet Pricing and Configurator
CVSS
Score: 0
Exploit
Exploit is not available.
For detailed information please contact the mail [email protected].
URL
https://launchpad.support.sap.com/#/notes/1673533
