• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Note 1668465 - Directory traversal in RSUPG_COPY_SHD_VIEWS

Главная Специалистам База уязвимостей Note 1668465 - Directory traversal in RSUPG_COPY_SHD_VIEWS

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1668465-2)
Описание
RSUPG_COPY_SHD_VIEWS fails to correctly validate the path to which a  user-submitted file is written. As a result, a malicious user can potentially overwrite data in the remote system.
Как исправить
The report is part of the EHP Installer and the Software Update Managers. If these tools were not used in the system, you usually do not have to do anything.

For this reason you should check first whether the system contains this program. If this is not the case, it will in future be sufficient to use the current archive versions of the EHP Installer (EHPI.SAR) or the Software Update Manager (SUM.SAR).

If the system contains an older version of the program, implement the attached order.
Ссылки