Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:M/AU:S/C:P/I:N/A:NSAP)
Производитель ПО
Наименование ПО
SAP Notes
(1688229-4)
SAP Support Packages
(SAPKITLRA6)
Описание
Several remote enabled functions of the Service Data framework do not contain authorization checks for checking an authenticated user's authorization to access some of its functions. This may result in information disclosure.The functions are used for remote services such as the EarlyWatch Alert (EWA).
Как исправить
Ссылки