Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1509235-2)
SAP Support Packages
(SAPKA70206, SAPKA73002)
Описание
The function modules CLBA_CLASSIF_FILE_REMOTE_HOST and CLBA_UPDATE_FILE_REMOTE_HOST fail to correctly validate the path a user-submitted file is written to. This means that an attacker can potentially overwrite data on the remote system.
Как исправить
Implement the changes in accordance with the advance correction.
Also refer to the information contained in Note 1497003. The program changes from Note 1497003 are also a prerequisite for this note.
Also refer to the information contained in Note 1497003. The program changes from Note 1497003 are also a prerequisite for this note.
Ссылки