Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1495097-4)
SAP Support Packages
(SAPKH40B89, SAPKH45B67, SAPKH46B62, SAPKH46C62, SAPKH47036, SAPKH50024, SAPKH60019, SAPKH60209, SAPKH60308, SAPKH60409, SAPKH60503)
Описание
1. The programs lack permission checks for an authenticated user's authorization to access some of its functionality. This may result in undesired system behavior.
2. The program code contains a hard-coded username which changes the system#s behavior if a user authenticates successfully.
2. The program code contains a hard-coded username which changes the system#s behavior if a user authenticates successfully.
Как исправить
Apply support package or correction instructions.
1. Auhority checks have been added to the program logic.
2. Program is obsolete and has been deactivated.
1. Auhority checks have been added to the program logic.
2. Program is obsolete and has been deactivated.
Ссылки