Code injection

2018-11-1320:29:00

PRIOn knowledge base

www.prio-n.com

7 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.5%

JSON

In some SAP standard roles, in SAP_ABA versions, 7.00 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50, 75C to 75D, a transaction code reserved for customer is used. By implementing such transaction code a malicious user may execute unauthorized transaction functionality.

CPENameOperatorVersion
advanced_business_application_programmingge7.10
advanced_business_application_programmingle7.11
advanced_business_application_programmingeq7.30
advanced_business_application_programmingeq7.31
advanced_business_application_programmingeq7.40
advanced_business_application_programmingeq7.50
advanced_business_application_programmingge7.00
advanced_business_application_programmingle7.02
advanced_business_application_programmingeq75.0.99
advanced_business_application_programmingeq75.0.100

Name	Operator	Version
advanced_business_application_programming	ge	7.10
advanced_business_application_programming	le	7.11
advanced_business_application_programming	eq	7.30
advanced_business_application_programming	eq	7.31
advanced_business_application_programming	eq	7.40
advanced_business_application_programming	eq	7.50
advanced_business_application_programming	ge	7.00
advanced_business_application_programming	le	7.02
advanced_business_application_programming	eq	75.0.99
advanced_business_application_programming	eq	75.0.100