Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1490182-6)
SAP Support Packages
(SAPK-60018INISM, SAPK-60208INISM, SAPK-60307INISM, SAPK-60408INISM, SAPK-60502INISM, SAPKIPPL33, SAPKIPPM26, SAPKIPPN20)
Описание
The program contains statements that enable the user to execute user-defined code that changes the behavior of the system. A valid and authenticated user is required for this.
Depending on the code that the user injects, the user can obtain additional information that should not be displayed. In addition, the user may modify data, delete data, modify the output of the system, or create new users with higher privileges. There is also the risk that the system may no longer be available.
Depending on the code that the user injects, the user can obtain additional information that should not be displayed. In addition, the user may modify data, delete data, modify the output of the system, or create new users with higher privileges. There is also the risk that the system may no longer be available.
Как исправить
Implement this note or import the relevant Support Package.
Ссылки