• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Note 1667388 - Explicit Scope Declaration issues in BRMS-CORE

Главная Специалистам База уязвимостей Note 1667388 - Explicit Scope Declaration issues in BRMS-CORE

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1667388-1) SAP Support Packages (BRMS_CORE_720_SP006_000001, BRMS_CORE_720_SP007_000000, BRMS_CORE_720_SP008_000000, BRMS_CORE_720_SP999999_999999, BRMS_CORE_730_SP005_000001, BRMS_CORE_730_SP007_000000, BRMS_CORE_730_SP999999_999999, BRMS_CORE_731_SP001_000001, BRMS_CORE_731_SP002_000001, BRMS_CORE_731_SP003_000000, BRMS_CORE_731_SP999999_999999)
Описание
In BRMS-CORE, there are problems with explicit scope declaration of fields,methods and classes.Such classes, methods, and variables that aren't explicitly labeled as public, private or protected are  accessible within the same package. This is insecure. So an attacker  could introduce a new class into the package and use this new class to access the things was assumed to be hidden.
Как исправить
To correct this issue, apply the patch matching your support package version as listed in the patch table below as per the instructions in the NetWeaver Support Package Stack Guide.
Ссылки