• Все разделы
  • Статьи
  • Медиа
  • Новости
  • Нормативные материалы
  • Конференции
  • Глоссарий

Note 1755530 - Directory traversal in IS-B-DP-EDT for report SAPLKXDM

Главная Специалистам База уязвимостей Note 1755530 - Directory traversal in IS-B-DP-EDT for report SAPLKXDM

Карточка уязвимости

Характеристики уязвимости

Уровень опасности
Оценка CVSS
Производитель ПО
SAP
Наименование ПО
SAP Notes (1755530-2) SAP Support Packages (SAPKA62073, SAPKA64031, SAPKA70028, SAPKA70113, SAPKA70213, SAPKA71016, SAPKA71111, SAPKA73009, SAPKA73106)
Описание
1.  The programs contained in the correction instructions contain  vulnerabilities through which a malicious user can potentially read  arbitrary files on the remote server, possibly disclosing confidential information.                                                            2.  Some of  the programs contained in the correction instructions contain a  vulnerability through which a malicious user can potentially write  arbitrary files on the remote server, possibly corrupting data or altering system behavior.
Как исправить
Please refer to note 1497003 for additional information and instructions. The corrections from note 1497003 are a prerequisite fori mplementation of this note.                                    Logical File Names Used in this Solution The following logical file names have been created in order to enable the validation of physical file name:                                             EDT_FILE_PATH_LOGICAL which uses the logical file path EDT_FILE_PATH.
Ссылки