• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Note 1819822 - Missing authorization check in configuration service

Главная Специалистам База уязвимостей Note 1819822 - Missing authorization check in configuration service

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
(AV:N/AC:L/AU:N/C:P/I:N/A:NSAP)
Производитель ПО
SAP
Наименование ПО
SAP Notes (1819822-2) SAP Support Packages (J2EE_ENGINE_SERVERCORE_710_SP014_000029, J2EE_ENGINE_SERVERCORE_710_SP015_000013, J2EE_ENGINE_SERVERCORE_710_SP016_000001, J2EE_ENGINE_SERVERCORE_710_SP017_000000, J2EE_ENGINE_SERVERCORE_710_SP999999_999999, J2EE_ENGINE_SERVERCORE_711_SP009_000033, J2EE_ENGINE_SERVERCORE_711_SP010_000017, J2EE_ENGINE_SERVERCORE_711_SP011_000001, J2EE_ENGINE_SERVERCORE_711_SP012_000000, J2EE_ENGINE_SERVERCORE_711_SP999999_999999, J2EE_ENGINE_SERVERCORE_720_SP005_000049, J2EE_ENGINE_SERVERCORE_720_SP006_000038, J2EE_ENGINE_SERVERCORE_720_SP007_000034, J2EE_ENGINE_SERVERCORE_720_SP008_000013, J2EE_ENGINE_SERVERCORE_720_SP009_000000, J2EE_ENGINE_SERVERCORE_720_SP999999_999999, J2EE_ENGINE_SERVERCORE_730_SP007_000048, J2EE_ENGINE_SERVERCORE_730_SP008_000014, J2EE_ENGINE_SERVERCORE_730_SP009_000000, J2EE_ENGINE_SERVERCORE_730_SP010_000000, J2EE_ENGINE_SERVERCORE_730_SP999999_999999, J2EE_ENGINE_SERVERCORE_731_SP003_000033, J2EE_ENGINE_SERVERCORE_731_SP004_000028, J2EE_ENGINE_SERVERCORE_731_SP005_000008, J2EE_ENGINE_SERVERCORE_731_SP006_000005, J2EE_ENGINE_SERVERCORE_731_SP007_000000, J2EE_ENGINE_SERVERCORE_731_SP008_000000, J2EE_ENGINE_SERVERCORE_731_SP999999_999999, J2EE_ENGINE_SERVERCORE_740_SP002_000000, J2EE_ENGINE_SERVERCORE_740_SP003_000000, J2EE_ENGINE_SERVERCORE_740_SP999999_999999, SAP_J2EE_ENGINE_640_SP030_000009, SAP_J2EE_ENGINE_640_SP031_000003, SAP_J2EE_ENGINE_640_SP999999_999999, SAP_J2EE_ENGINE_CORE_700_SP026_000023, SAP_J2EE_ENGINE_CORE_700_SP027_000013, SAP_J2EE_ENGINE_CORE_700_SP028_000005, SAP_J2EE_ENGINE_CORE_700_SP029_000000, SAP_J2EE_ENGINE_CORE_700_SP999999_999999, SAP_J2EE_ENGINE_CORE_701_SP011_000024, SAP_J2EE_ENGINE_CORE_701_SP012_000017, SAP_J2EE_ENGINE_CORE_701_SP013_000001, SAP_J2EE_ENGINE_CORE_701_SP014_000000, SAP_J2EE_ENGINE_CORE_701_SP999999_999999, SAP_J2EE_ENGINE_CORE_702_SP011_000026, SAP_J2EE_ENGINE_CORE_702_SP012_000013, SAP_J2EE_ENGINE_CORE_702_SP013_000001, SAP_J2EE_ENGINE_CORE_702_SP014_000000, SAP_J2EE_ENGINE_CORE_702_SP999999_999999)
Описание
The configuration service does not check authenticated user's  authorization to allow access to its functions. This may result in undesired system behavior.
Как исправить
Apply the patch level for your version and service pack that contains all the fixes attached to this note. For details, check the Validity section.
Ссылки