Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1536982-2)
SAP Support Packages
(NW_MOBILE_CLIENT_SETUP_710_SP006_000017, NW_MOBILE_CLIENT_SETUP_710_SP007_000018, NW_MOBILE_CLIENT_SETUP_710_SP008_000007, NW_MOBILE_CLIENT_SETUP_710_SP009_000006, NW_MOBILE_CLIENT_SETUP_710_SP010_000006, NW_MOBILE_CLIENT_SETUP_710_SP011_000001, NW_MOBILE_CLIENT_SETUP_710_SP012_000000, NW_MOBILE_CLIENT_SETUP_710_SP999999_999999, NW_MOBILE_CLIENT_SETUP_711_SP002_000007, NW_MOBILE_CLIENT_SETUP_711_SP003_000003, NW_MOBILE_CLIENT_SETUP_711_SP004_000005, NW_MOBILE_CLIENT_SETUP_711_SP005_000002, NW_MOBILE_CLIENT_SETUP_711_SP006_000001, NW_MOBILE_CLIENT_SETUP_711_SP007_000000, NW_MOBILE_CLIENT_SETUP_711_SP999999_999999)
Описание
The client code uses insecure means of generation of certain keys used by the client code. This allows a malicious user to predict the key value and create security threats using the to-be-genrated key value.
Как исправить
The issue has been fixed and to get the corrections, please upgrade the client to at least the patch level specified in the "SP Patch Level" section of this note, as relevant to your release and SP.
Ссылки