Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1831985-3)
SAP Support Packages
(NW_IDM_72_UIS_FOR_NW_700_SP007_000002, NW_IDM_72_UIS_FOR_NW_700_SP999999_999999, NW_IDM_72_UIS_FOR_NW_710_SP007_000002, NW_IDM_72_UIS_FOR_NW_710_SP999999_999999, NW_IDM_IC_710_UIS_FOR_NW_700_SP007_000003, NW_IDM_IC_710_UIS_FOR_NW_700_SP008_000000, NW_IDM_IC_710_UIS_FOR_NW_700_SP999999_999999, NW_IDM_IC_710_UIS_FOR_NW_710_SP007_000003, NW_IDM_IC_710_UIS_FOR_NW_710_SP008_000000, NW_IDM_IC_710_UIS_FOR_NW_710_SP999999_999999)
Описание
An enduser can assign himself any business role or potentially also any privilege without that an approval is done. A valid and authenticated user is required.
Как исправить
Apply the attached patches for the following versions: o SAP NetWeaver Identity Management 7.1 SP7 User Interface o SAP NetWeaver Identity Management 7.2 SP7 User InterfaceNo patch is required as of: o SAP NetWeaver Identity Management 7.1 SP8 o SAP NetWeaver Identity Management 7.2 SP8
Ссылки