• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Note 1679897 - PI SEC: Potential information disclosure in PI AF

Главная Специалистам База уязвимостей Note 1679897 - PI SEC: Potential information disclosure in PI AF

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
(AV:N/AC:L/AU:N/C:P/I:N/A:NSAP)
Производитель ПО
SAP
Наименование ПО
SAP Notes (1679897-3) SAP Support Packages (XI_ADAPTER_FRAMEWORK_30_SP028_000004, XI_ADAPTER_FRAMEWORK_30_SP029_000003, XI_ADAPTER_FRAMEWORK_30_SP030_000001, XI_ADAPTER_FRAMEWORK_30_SP031_000000, XI_ADAPTER_FRAMEWORK_30_SP999999_999999, XI_ADAPTER_FRAMEWORK_700_SP024_000009, XI_ADAPTER_FRAMEWORK_700_SP025_000010, XI_ADAPTER_FRAMEWORK_700_SP026_000006, XI_ADAPTER_FRAMEWORK_700_SP027_000001, XI_ADAPTER_FRAMEWORK_700_SP028_000000, XI_ADAPTER_FRAMEWORK_700_SP999999_999999, XI_ADAPTER_FRAMEWORK_701_SP009_000006, XI_ADAPTER_FRAMEWORK_701_SP010_000004, XI_ADAPTER_FRAMEWORK_701_SP011_000004, XI_ADAPTER_FRAMEWORK_701_SP012_000001, XI_ADAPTER_FRAMEWORK_701_SP013_000000, XI_ADAPTER_FRAMEWORK_701_SP999999_999999, XI_ADAPTER_FRAMEWORK_702_SP009_000003, XI_ADAPTER_FRAMEWORK_702_SP010_000002, XI_ADAPTER_FRAMEWORK_702_SP011_000003, XI_ADAPTER_FRAMEWORK_702_SP012_000000, XI_ADAPTER_FRAMEWORK_702_SP013_000000, XI_ADAPTER_FRAMEWORK_702_SP999999_999999, XI_ADAPTER_FRAMEWORK_710_SP012_000011, XI_ADAPTER_FRAMEWORK_710_SP013_000006, XI_ADAPTER_FRAMEWORK_710_SP014_000008, XI_ADAPTER_FRAMEWORK_710_SP015_000000, XI_ADAPTER_FRAMEWORK_710_SP999999_999999, XI_ADAPTER_FRAMEWORK_711_SP007_000024, XI_ADAPTER_FRAMEWORK_711_SP008_000016, XI_ADAPTER_FRAMEWORK_711_SP009_000009, XI_ADAPTER_FRAMEWORK_711_SP010_000000, XI_ADAPTER_FRAMEWORK_711_SP999999_999999, XI_ADAPTER_FRAMEWORK_730_SP002_000014, XI_ADAPTER_FRAMEWORK_730_SP003_000027, XI_ADAPTER_FRAMEWORK_730_SP004_000020, XI_ADAPTER_FRAMEWORK_730_SP005_000029, XI_ADAPTER_FRAMEWORK_730_SP007_000010, XI_ADAPTER_FRAMEWORK_730_SP008_000000, XI_ADAPTER_FRAMEWORK_730_SP999999_999999)
Описание
Information such as the 'Communication Components' names can be  discovered using PI Adapter Framework. This information may be used by an attacker to further target.
Как исправить
This is fixed with the Support Packages and Patches of Software Component 'XI ADAPTER FRAMEWORK' (SAPXIAF) referenced by this note in section 'SP Patch Level'.
Ссылки