Карточка уязвимости
Характеристики уязвимости
Уровень опасности
Оценка CVSS
Производитель ПО
Наименование ПО
SAP Notes
(1870426-1)
SAP Support Packages
(SAPKU60014, SAPKU70014, SAPKU70111, SAPKU70209, SAPKU71204, SAPKU71302)
Описание
The program code contains a possibility to define and execute user-defined code that changes the behavior of the system. A valid and authenticated user is required.Depending on the code, the user can:inject and run their own code,obtain additional information that should not be displayed,modify data, delete data,modify the output of the system,create new users with higher privileges,perform a denial of service attack.
Как исправить
Implement the correction.
Ссылки