Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
(AV:N/AC:M/AU:N/C:P/I:P/A:NSAP)
Производитель ПО
Наименование ПО
SAP Notes
(1751800-2)
SAP Support Packages
(CRM_JAVA_APPLICATIONS_60_SP010_000016, CRM_JAVA_APPLICATIONS_60_SP999999_999999, CRM_JAVA_APPLICATIONS_70_SP011_000013, CRM_JAVA_APPLICATIONS_70_SP999999_999999, CRM_JAVA_APPLICATIONS_701_SP008_000014, CRM_JAVA_APPLICATIONS_701_SP999999_999999, CRM_JAVA_APPLICATIONS_702_SP004_000002, CRM_JAVA_APPLICATIONS_702_SP999999_999999, CRM_JAVA_APPLICATIONS_730_SP000_000049, CRM_JAVA_APPLICATIONS_730_SP999999_999999, CRM_JAVA_APPLICATIONS_731_SP008_000013, CRM_JAVA_APPLICATIONS_731_SP999999_999999, CRM_JAVA_APPLICATIONS_732_SP003_000007, CRM_JAVA_APPLICATIONS_732_SP999999_999999, CRM_JAVA_COMPONENTS_60_SP010_000016, CRM_JAVA_COMPONENTS_60_SP999999_999999, CRM_JAVA_COMPONENTS_70_SP011_000013, CRM_JAVA_COMPONENTS_70_SP999999_999999, CRM_JAVA_COMPONENTS_701_SP008_000014, CRM_JAVA_COMPONENTS_701_SP999999_999999, CRM_JAVA_COMPONENTS_702_SP004_000002, CRM_JAVA_COMPONENTS_702_SP999999_999999, CRM_JAVA_COMPONENTS_730_SP000_000049, CRM_JAVA_COMPONENTS_730_SP999999_999999, CRM_JAVA_COMPONENTS_731_SP008_000013, CRM_JAVA_COMPONENTS_731_SP999999_999999, CRM_JAVA_COMPONENTS_732_SP003_000007, CRM_JAVA_COMPONENTS_732_SP999999_999999, CRM_JAVA_WEB_COMPONENTS_60_SP010_000016, CRM_JAVA_WEB_COMPONENTS_60_SP999999_999999, CRM_JAVA_WEB_COMPONENTS_70_SP011_000013, CRM_JAVA_WEB_COMPONENTS_70_SP999999_999999, CRM_JAVA_WEB_COMPONENTS_701_SP008_000014, CRM_JAVA_WEB_COMPONENTS_701_SP999999_999999, CRM_JAVA_WEB_COMPONENTS_702_SP004_000002, CRM_JAVA_WEB_COMPONENTS_702_SP999999_999999, CRM_JAVA_WEB_COMPONENTS_730_SP000_000049, CRM_JAVA_WEB_COMPONENTS_730_SP999999_999999, CRM_JAVA_WEB_COMPONENTS_731_SP008_000013, CRM_JAVA_WEB_COMPONENTS_731_SP999999_999999, CRM_JAVA_WEB_COMPONENTS_732_SP003_000007, CRM_JAVA_WEB_COMPONENTS_732_SP999999_999999, SAP_SHARED_JAVA_APPLIC_60_SP010_000016, SAP_SHARED_JAVA_APPLIC_60_SP999999_999999, SAP_SHARED_JAVA_APPLIC_70_SP011_000013, SAP_SHARED_JAVA_APPLIC_70_SP999999_999999, SAP_SHARED_JAVA_APPLIC_701_SP008_000014, SAP_SHARED_JAVA_APPLIC_701_SP999999_999999, SAP_SHARED_JAVA_APPLIC_702_SP004_000002, SAP_SHARED_JAVA_APPLIC_702_SP999999_999999, SAP_SHARED_JAVA_APPLIC_730_SP000_000049, SAP_SHARED_JAVA_APPLIC_730_SP999999_999999, SAP_SHARED_JAVA_APPLIC_731_SP008_000013, SAP_SHARED_JAVA_APPLIC_731_SP999999_999999, SAP_SHARED_JAVA_APPLIC_732_SP003_000007, SAP_SHARED_JAVA_APPLIC_732_SP999999_999999, SAP_SHARED_JAVA_COMP_701_SP008_000014, SAP_SHARED_JAVA_COMP_701_SP999999_999999, SAP_SHARED_JAVA_COMP_702_SP004_000002, SAP_SHARED_JAVA_COMP_702_SP999999_999999, SAP_SHARED_JAVA_COMP_730_SP000_000049, SAP_SHARED_JAVA_COMP_730_SP999999_999999, SAP_SHARED_JAVA_COMP_731_SP008_000013, SAP_SHARED_JAVA_COMP_731_SP999999_999999, SAP_SHARED_JAVA_COMP_732_SP003_000007, SAP_SHARED_JAVA_COMP_732_SP999999_999999, SAP_SHARED_JAVA_COMPONENTS_60_SP010_000016, SAP_SHARED_JAVA_COMPONENTS_60_SP999999_999999, SAP_SHARED_JAVA_COMPONENTS_70_SP011_000013, SAP_SHARED_JAVA_COMPONENTS_70_SP999999_999999, SAP_SHARED_WEB_COMPONENTS_60_SP010_000016, SAP_SHARED_WEB_COMPONENTS_60_SP999999_999999, SAP_SHARED_WEB_COMPONENTS_70_SP011_000013, SAP_SHARED_WEB_COMPONENTS_70_SP999999_999999, SAP_SHARED_WEB_COMPONENTS_701_SP008_000014, SAP_SHARED_WEB_COMPONENTS_701_SP999999_999999, SAP_SHARED_WEB_COMPONENTS_702_SP004_000002, SAP_SHARED_WEB_COMPONENTS_702_SP999999_999999, SAP_SHARED_WEB_COMPONENTS_730_SP000_000049, SAP_SHARED_WEB_COMPONENTS_730_SP999999_999999, SAP_SHARED_WEB_COMPONENTS_731_SP008_000013, SAP_SHARED_WEB_COMPONENTS_731_SP999999_999999, SAP_SHARED_WEB_COMPONENTS_732_SP003_000007, SAP_SHARED_WEB_COMPONENTS_732_SP999999_999999)
Описание
Information such as the user ids, first names, last names, addresses can be discovered using CRM-ISA-BCS. This information may be used by an attacker to further target CRM-ISA-BCS.
Как исправить
This note contains Java correction(s) for E-Commerce and Web Channel.Apply the Support Package patch level attached to this note.For more information about applying Java patches, refer to Note 877887.See Note 1546959 for information about the patch strategy.
Ссылки