Update 1 to Security Note 1665930, SAP security note 1864086

Description

FIN-BA can be abused by an attacker, allowing them to modify displayed application content without authorization, and to potentially obtain authentication information from other legitimate users.

Available fix and Supported packages

SEM-BW | 747 | 747

Affected component

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected].

URL

https://launchpad.support.sap.com/#/notes/1864086

TAGS

#Reflected-cross-site-scripting
#XSS
#FIN-BA

More to explorer

Press release: RedRays discovered major cybersecurity leak affects 4800 domains

June 4, 2023

Yerevan, 4 June 2023 – RedRays, a cybersecurity provider specializing in the protection of ERP systems, has recently made a disturbing discovery.

Urgent Security Notice: RedRays Discloses Major Data Breach Affecting SAP Customers

June 2, 2023

RedRays has made an alarming discovery through their rigorous internet data monitoring and analysis: significant breaches involving user logins and passwords of

[CVE-2021-33690] Server Side Request Forgery vulnerability in SAP NetWeaver Development Infrastructure

June 1, 2023

Application: SAP NetWeaver AS JavaVersions Affected: SAP NetWeaver Development Infrastructure Component Build Service versions – 7.11, 7.20, 7.30, 7.31, 7.40, 7.50Vendor URL:

Exploring P4 Protocol: Usage, Implementation, and CVE-2021-37535

May 24, 2023

Introduction The P4 protocol is important in Java remote communication, mainly with Java Naming and Directory Interface (JNDI) and Java Remote Method

Arpine Maghakyan