PT-2014-2697 · Sap · Sap Governance

Ertunga Arsal

Published

2014-11-17

Updated

2018-10-09

CVE-2013-3678

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions SAP Governance, Risk, and Compliance (GRC) (affected versions not specified)

Description The issue allows remote authenticated users to gain privileges and execute arbitrary programs. This can be achieved by sending a crafted request, either via RFC or SOAP-RFC.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2013-3678

Affected Products

Sap Governance

PT-2014-2697 · Sap · Sap Governance

CVE-2013-3678

Related Identifiers

Affected Products

References · 8