Skip links
RedRays
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Protect access to PSE files by additional AUTHORITY-CHECK, SAP security note 1497104

Description

Insufficient authorization checks may allow ABAP programs to access PSE files.

Available fix and Supported packages

  • SAP_APPL | 40A | 40B
  • SAP_APPL | 45A | 45B
  • SAP_APPL | 46A | 46B
  • SAP_BASIS | 46A | 46D
  • SAP_BASIS | 610 | 640
  • SAP_BASIS | 700 | 702
  • SAP_BASIS | 710 | 730
  • SAP_BASIS | 72L | 72L
  • SAP KERNEL 4.6D_EX2 32-BIT | SP2540 | 002540
  • SAP KERNEL 4.6D_EX2 64-BIT | SP2540 | 002540
  • SAP KERNEL 4.6D_EXT 32-BIT | SP2540 | 002540
  • SAP KERNEL 4.6D_EXT 64-BIT | SP2540 | 002540
  • SAP KERNEL 6.40 32-BIT | SP342 | 000342
  • SAP KERNEL 6.40 32-BIT UNICODE | SP342 | 000342
  • SAP KERNEL 6.40 64-BIT | SP342 | 000342
  • SAP KERNEL 6.40 64-BIT UNICODE | SP342 | 000342
  • SAP KERNEL 6.40_EX2 32-BIT | SP342 | 000342
  • SAP KERNEL 6.40_EX2 32-BIT UC | SP342 | 000342
  • SAP KERNEL 6.40_EX2 64-BIT | SP342 | 000342
  • SAP KERNEL 6.40_EX2 64-BIT UC | SP342 | 000342
  • SAP KERNEL 7.00 32-BIT | SP268 | 000268
  • SAP KERNEL 7.00 32-BIT UNICODE | SP268 | 000268
  • SAP KERNEL 7.00 64-BIT | SP268 | 000268
  • SAP KERNEL 7.00 64-BIT UNICODE | SP268 | 000268
  • SAP KERNEL 7.01 32-BIT | SP106 | 000106
  • SAP KERNEL 7.01 32-BIT UNICODE | SP106 | 000106
  • SAP KERNEL 7.01 64-BIT | SP106 | 000106
  • SAP KERNEL 7.01 64-BIT UNICODE | SP106 | 000106

Affected component

    BC-SEC-SSF
    Secure Store and Forward

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected].

URL

https://launchpad.support.sap.com/#/notes/1497104

TAGS

#STRUST
#public-key
#PSE
#Personal-Security-Environment

More to explorer