PT-2019-11207 · Sap · Sap Bw/4Hana

Publicado

2019-01-08

Atualizado

2020-08-24

CVE-2019-0243

CVSS v3.1

8.8

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SAP BW/4HANA versions prior to DW4CORE version 1.0 (SP08)

Description: The issue concerns the masterdata maintenance in SAP BW/4HANA, where under certain circumstances, it fails to perform necessary authorization checks for an authenticated user. This results in an escalation of privileges.

Recommendations: For SAP BW/4HANA versions prior to DW4CORE version 1.0 (SP08), update to DW4CORE version 1.0 (SP08) or later to resolve the issue.

Correção

Missing Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862

Identificadores relacionados

CVE-2019-0243

Produtos afetados

Sap Bw/4Hana

PT-2019-11207 · Sap · Sap Bw/4Hana

CVE-2019-0243

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5