Security Execution of any source code, SAP security note 1495570

Description

Due to an error in RKALLOOK, an attacker can execute any user-defined source code. As a result, the attacker can gain control over the system and obtain increased privileges.

Available fix and Supported packages

SAP_APPL | 46C | 46C
SAP_APPL | 470 | 470
SAP_APPL | 500 | 500
SAP_APPL | 600 | 600
SAP_APPL | 602 | 602
SAP_APPL | 603 | 603
SAP_APPL | 604 | 604
SAP_APPL | 605 | 605
SAP_APPL 500 | SAPKH50023 |
SAP_APPL 600 | SAPKH60018 |
SAP_APPL 602 | SAPKH60208 |
SAP_APPL 603 | SAPKH60307 |
SAP_APPL 604 | SAPKH60407 |
SAP_APPL 46C | SAPKH46C61 |
SAP_APPL 605 | SAPKH60502 |
SAP_APPL 470 | SAPKH47035 |

Affected component

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected].

URL

https://launchpad.support.sap.com/#/notes/1495570

Arpine Maghakyan

Security Execution of any source code, SAP security note 1495570

Description

Available fix and Supported packages

Affected component

CVSS

Exploit

URL

TAGS

#Backdoor
#injection
#run

More to explorer

Press release: RedRays discovered major cybersecurity leak affects 4800 domains

Urgent Security Notice: RedRays Discloses Major Data Breach Affecting SAP Customers

[CVE-2021-33690] Server Side Request Forgery vulnerability in SAP NetWeaver Development Infrastructure

Exploring P4 Protocol: Usage, Implementation, and CVE-2021-37535

Arpine Maghakyan

Security Execution of any source code, SAP security note 1495570

Description

Available fix and Supported packages

Affected component

CVSS

Exploit

URL

TAGS

#Backdoor#injection#run

More to explorer

Press release: RedRays discovered major cybersecurity leak affects 4800 domains

Urgent Security Notice: RedRays Discloses Major Data Breach Affecting SAP Customers

[CVE-2021-33690] Server Side Request Forgery vulnerability in SAP NetWeaver Development Infrastructure

Exploring P4 Protocol: Usage, Implementation, and CVE-2021-37535

#Backdoor
#injection
#run