Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1264767-2)
SAP Support Packages
(SAP_CPM_BPC_51_999999_999999, SAP_CPM_BPC_51_SP004_000000, SAP_CPM_BPC_51_SP999999_999999)
Описание
Attackers may gain access to restricted parts in the Web server directory. This kind of attack occurs when the attacker "forces" a URL by accessing it directly instead of following links.
For example, http://localhost/OSoft/Common/ShowFile.aspx?FILE=../../../../OSoftInstall.log&TYPE=DOC">http://localhost/OSoft/Common/ShowFile.aspx?FILE=../../../../OSoftInstall.log&">http://localhost/OSoft/Common/ShowFile.aspx?FILE=../../../../OSoftInstall.log&TYPE=DOC
For example, http://localhost/OSoft/Common/ShowFile.aspx?FILE=../../../../OSoftInstall.log&TYPE=DOC">http://localhost/OSoft/Common/ShowFile.aspx?FILE=../../../../OSoftInstall.log&">http://localhost/OSoft/Common/ShowFile.aspx?FILE=../../../../OSoftInstall.log&TYPE=DOC
Как исправить
Corrected in 5.1 SP4.
The subfolder parameter in the file manager service does not allow ".." anymore.
The subfolder parameter in the file manager service does not allow ".." anymore.
Ссылки