Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1482345-2)
SAP Support Packages
(SAPKU60008, SAPKU70008, SAPKU70102)
Описание
The problem is caused by an SQL injection vulnerability. The code composes an SQL statement including strings that can be altered by a malicious user. The manipulated SQL statement can then be used to delete information from the database.
Как исправить
This enhancement has been done in:
- CRM2007 SP08
- CRM 7.0 SP08
- EHP1 SP02
For a preliminary correction please implement the correction instructions with the SAP Note Assistant.
- CRM2007 SP08
- CRM 7.0 SP08
- EHP1 SP02
For a preliminary correction please implement the correction instructions with the SAP Note Assistant.
Ссылки