• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Не установлено обновление Note 1509424

Главная Специалистам База уязвимостей Не установлено обновление Note 1509424

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1509424-3) SAP Support Packages (SAPKH40B89, SAPKH45B67, SAPKH46B62, SAPKH46C62, SAPKH47035, SAPKH50024, SAPKH60019, SAPKH60209, SAPKH60308, SAPKH60409, SAPKH60503)
Описание
1. The programs contained in the correction instructions contain  vulnerabilities through which a malicious user can potentially read  arbitrary files on the remote server, possibly disclosing confidential information.
2. The programs contained in the correction instructions contain a  vulnerability through which a malicious user can potentially write  arbitrary files on the remote server, possibly corrupting data or altering system behavior.
Как исправить
The mentioned programs are used in RE-Classic for legacy data transfer. As RE-Classic is an old product (see also note 443311) for which the successor product RE-FX exists, we decided to remove the critical coding inside the programs contained in the correction instructions. After implementing the correction, the programs do not work anylonger. If you use these programs nevertheless, please submit a customer message under subject area RE-BD or RE-RT with reference to this note.
Ссылки