Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:A/AC:M/AU:S/C:P/I:N/A:NSAP)
Производитель ПО
Наименование ПО
SAP Notes
(1807196-4)
SAP Support Packages
(SAPKA62074, SAPKA64032, SAPKA70029, SAPKA70114, SAPKA70214, SAPKA71017, SAPKA71112, SAPKA73009, SAPKA73107, SAPKA74002, SAPKH31IB9, SAPKH40B89, SAPKH45B67, SAPKH46B62, SAPKH46C66)
Описание
CA-CL fails to correctly validate the path that is used to reference a file that is read from the remote server. As a result, an attacker can potentially direct the program to an arbitrary other file in the system, disclosing its contents.CA-CL fails to correctly validate the path to which a user-submitted file is written. As a result, an attacker can potentially overwrite data in the remote system.
Как исправить
Implement this SAP Note.
Ссылки