Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в приложениях SAP
Опубликовано:22 апреля 2013 г.
Источник:
SecurityVulns ID:13030
Тип:удаленная
Уровень опасности:
6/10
Описание:Повышение привилегий, выполнение кода.
CVE:CVE-2013-3063 (SAP BASIS Communication Services 4.6B through 7.30 allows remote authenticated users to execute arbitrary commands via unspecified vectors.)
 CVE-2013-3062 (The CP_RC_TRANSACTION_CALL_BY_SET function in the Engineering Workbench component in SAP Production Planning and Control allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors.)
 CVE-2013-3061 (The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors.)
Оригинальный текстdocumentESNC Security, [ESNC-2013-003] Remote OS Command Execution in SAP BASIS Communication Services (22.04.2013)
 documentESNC Security, [ESNC-2013-002] Privilege Escalation in SAP Production Planning and Control (22.04.2013)
 documentESNC Security, [ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution (22.04.2013)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород