• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Note 1807196 - CA-CL: Directory traversal vulnerability

Главная Специалистам База уязвимостей Note 1807196 - CA-CL: Directory traversal vulnerability

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
(AV:A/AC:M/AU:S/C:P/I:N/A:NSAP)
Производитель ПО
SAP
Наименование ПО
SAP Notes (1807196-4) SAP Support Packages (SAPKA62074, SAPKA64032, SAPKA70029, SAPKA70114, SAPKA70214, SAPKA71017, SAPKA71112, SAPKA73009, SAPKA73107, SAPKA74002, SAPKH31IB9, SAPKH40B89, SAPKH45B67, SAPKH46B62, SAPKH46C66)
Описание
CA-CL fails to correctly validate the path that is used to reference a  file that is read from the remote server. As a result, an attacker can  potentially direct the program to an arbitrary other file in the system, disclosing its contents.CA-CL fails to correctly validate the path to which a user-submitted  file is written. As a result, an attacker can potentially overwrite data in the remote system.
Как исправить
Implement this SAP Note.
Ссылки