PT-2013-5755 · Sap · Sap Netweaver
Published
2013-09-11
·
Updated
2018-12-10
·
CVE-2013-5723
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
SAP NetWeaver version 7.30
Description
A SQL injection issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0 DELETE DERIVATION TABLE."
Recommendations
For SAP NetWeaver version 7.30, apply the necessary patch or update to fix the SQL injection issue related to "ABAD0 DELETE DERIVATION TABLE." As a temporary workaround, consider restricting access to the affected module to minimize the risk of exploitation.
Fix
RCE
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Netweaver