Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1499379-5)
SAP Support Packages
(SAPKB70023, SAPKB70108, SAPKB70205, SAPKB71011, SAPKB71106, SAPKB72004, SAPKB73001)
Описание
Report RGTABKEY_COMPRESS and RGTABKEY_ROOT
fail to correctly validate the path a user-submitted file is written to. Through this, an attacker can potentially overwrite data on the remote system.
fail to correctly validate the path a user-submitted file is written to. Through this, an attacker can potentially overwrite data on the remote system.
Как исправить
Import the relevant Support Package or apply the correction instructions. The corrections do not have any
influence on the normal functions of the application and no further
adjustments or configurations are required, since these objects contain SAP-internal functionality.
influence on the normal functions of the application and no further
adjustments or configurations are required, since these objects contain SAP-internal functionality.
Ссылки