Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1497248-4)
SAP Support Packages
(SAPKH47035, SAPKH50024, SAPKH60019, SAPKH60209, SAPKH60308, SAPKH60408, SAPKH60409, SAPKH60502)
Описание
The problem is due to an SQL injection vulnerability in connection with a missing authorization check.
The code contains an SQL statement composed of strings that can be altered by a malicious user. The resulting overall statements can be manipulated and contents of the database can be displayed.
The code contains an SQL statement composed of strings that can be altered by a malicious user. The resulting overall statements can be manipulated and contents of the database can be displayed.
Как исправить
Implement the corrections.
Ссылки