Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:M/AU:S/C:P/I:P/A:CThis)
Производитель ПО
Наименование ПО
SAP Notes
(1773758-6)
SAP Support Packages
(SAPKB62074, SAPKB64031, SAPKB70028, SAPKB70113, SAPKB70213, SAPKB71016, SAPKB71111, SAPKB72008, SAPKB73009, SAPKB73106)
Описание
The program code contains a possibility to define and execute user-defined code that changes the behavior of the system. A valid and an authenticated user with administration authorization is required.Depending on the code, the user can:
inject and run their own code,
obtain additional information that should not be displayed,
perform a denial of service attack.
inject and run their own code,
obtain additional information that should not be displayed,
perform a denial of service attack.
Как исправить
Import at least the respectively specified Support Package, or implement the attached correction instructions.
Ссылки