• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Note 1773758 - Code injection vulnerability in TH_ENQUEUE_PERF

Главная Специалистам База уязвимостей Note 1773758 - Code injection vulnerability in TH_ENQUEUE_PERF

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
(AV:N/AC:M/AU:S/C:P/I:P/A:CThis)
Производитель ПО
SAP
Наименование ПО
SAP Notes (1773758-6) SAP Support Packages (SAPKB62074, SAPKB64031, SAPKB70028, SAPKB70113, SAPKB70213, SAPKB71016, SAPKB71111, SAPKB72008, SAPKB73009, SAPKB73106)
Описание
The program code contains a possibility to define and execute  user-defined code that changes the behavior of the system. A valid and  an authenticated user with administration authorization is required.Depending on the code, the user can:
inject and run their own code,
obtain additional information that should not be displayed,
perform a denial of service attack.
Как исправить
Import at least the respectively specified Support Package, or implement the attached correction instructions.
Ссылки