Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1511995-5)
SAP Support Packages
(SAPK-60308INEAFINSRV, SAPK-60409INEAFINSRV, SAPK-60503INEAFINSRV, SAPK-60504INEAFINSRV, SAPKGPFA32, SAPKGPFB21, SAPKGPFC24, SAPKGPFC25, SAPKGPFD19, SAPKH40B89, SAPKH45B67, SAPKH46B62, SAPKH46C62, SAPKH47036, SAPKH50024, SAPKH50025, SAPKH60019, SAPKH60209, SAPKH60308, SAPKH60409, SAPKH60503, SAPKH60504, SAPKIPBJ40)
Описание
FS-CML / FIN-FSCM-CM fails to correctly validate the path a user-submitted file is written to. Through this, an attacker can potentially overwrite data on the remote system.
Как исправить
Please refer to note 1497003 for additional information and instructions. The corrections from note 1497003 are a prerequisite for implementation of this note.
Ссылки