Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1422625-9)
SAP Support Packages
(SAPKB62068, SAPKB64026, SAPKB70022, SAPKB70107, SAPKB70203, SAPKB71010, SAPKB71105, SAPKB72003)
Описание
The cause of the problem is an SQL injection vulnerability. In the source code, an SQL statement is composed of strings. In this case, an attacker can obtain control of the contents of a substring. Therefore, the attacker can manipulate the resulting entire SQL statement and execute it with the rights of the database user who is logged on.
In this case, the attacker can display the data of all destinations, but not the passwords of the logon users that are entered in the connection data. The attacker cannot create new destinations or change or delete existing destinations. The reading of destinations still always requires (including those read without permission) the authorization S_RFC_ADM.
In this case, the attacker can display the data of all destinations, but not the passwords of the logon users that are entered in the connection data. The attacker cannot create new destinations or change or delete existing destinations. The reading of destinations still always requires (including those read without permission) the authorization S_RFC_ADM.
Как исправить
Import the relevant Support Package. In the corrected source code, we removed the dynamic WHERE clause and replaced it with a case distinction for the SQL statement that is used. This prevents the SQL injection.
Ссылки