PT-2019-11235 · Sap · Sap Portfolio/Project Management+3
Publicado
2019-12-11
·
Atualizado
2020-08-24
·
CVE-2019-0399
CVSS v3.1
6.5
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
SAP Portfolio and Project Management versions prior to S4CORE 102, 103,
EPPM 100
CPRXRPM 500 702, 600 740, 610 740
Description:
The issue unintentionally allows a user to discover accounting information of the Projects in the Project dashboard, leading to information disclosure.
Recommendations:
For versions prior to S4CORE 102, 103, update to version S4CORE 102 or 103 to resolve the issue.
For version EPPM 100, update to a version after EPPM 100.
For versions CPRXRPM 500 702, 600 740, 610 740, update to a version after CPRXRPM 500 702, 600 740, 610 740.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Cprxrpm
Eppm
S4Core
Sap Portfolio/Project Management