Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1480248-2)
SAP Support Packages
(SAPKU70102)
Описание
Function Module CRM_SVY_DB_SFA_LIST lacks permission checks for an authenticated user#s authorization to access some of its functionality. This may result in undesired system behavior.
Как исправить
A new authority check with authorization object = 'CRM_SVY' ID = 'ACTVT' and FIELD = '03' is introduced with this note. You have to check and possibly update the relevant authorization profiles for the affected users that use functionality of CRM Survey.
Ссылки