• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1489098

Главная Специалистам База уязвимостей Не установлено обновление Note 1489098

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1489098-2) SAP Support Packages (SAPKH31IB9, SAPKH40B89, SAPKH45B67, SAPKH46B62, SAPKH46C62, SAPKH47035, SAPKH50024, SAPKH60019, SAPKH60209, SAPKH60308, SAPKH60409, SAPKH60502)
Описание
The program contains instructions that enable a user to execute code of  the user#s choice, which changes the system#s behavior.  In this case,  the user must be logged on to the system with a valid access.
Depending on the code that the user injects, the user may obtain  additional information to which no actual access was granted. The user  may also be able to modify data, delete data, modify the output of the  system or create new users with higher privileges. The availability of the system is still endangered.
Как исправить
By implementing the corrections, transaction GENC is no longer executed in the production environment.
Ссылки