Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1472406-5)
SAP Support Packages
(SAPK-70102INSRMSRV, SAPKIBKS17, SAPKIBKT18, SAPKIBKU06, SAPKIBKV09, SAPKU40018)
Описание
Business Partner lacks permission checks for an authenticated user's authorization to access some of its functionality. This may result in undesired system behavior.
Как исправить
Implement this note or the related support package.
The dynamic transaction calls are now validated using appropriate authority checks so that they can now be called only by users authorized to execute the transactions.
The dynamic transaction calls are now validated using appropriate authority checks so that they can now be called only by users authorized to execute the transactions.
Ссылки