Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1502330-8)
SAP Support Packages
(SAPK-60308INEAFINSRV, SAPK-60409INEAFINSRV, SAPK-60503INEAFINSRV, SAPK-60504INEAFINSRV, SAPKGPFD19)
Описание
There is a directory traversal with write or read and write authorization.
The methods contain an error when checking paths to which data transferred by a user is written. An attacker can use this to transfer any data to the remote system or to overwrite existing data.
The methods contain an error when checking paths to which data transferred by a user is written. An attacker can use this to transfer any data to the remote system or to overwrite existing data.
Как исправить
Ссылки