Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Code Injection vulnerability in SAP ABA (Application Basis)
Vulnerability Description
In SAP ABA (Application Basis) - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions which they would not normally be permitted to perform. Depending on the function executed, the attack can read or modify any user/business data and can make the entire system unavailable.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
SAP ABA 代码注入漏洞
Vulnerability Description
SAP ABAP Platform是德国思爱普(SAP)公司的一个基于 ABAP 的 SAP 解决方案。 SAP ABA 700、701、702、731、740、750、751、752、75C、75I版本存在代码注入漏洞,该漏洞源于允许攻击者使用该接口调用应用程序功能来执行他们通常不允许执行的操作,读取或修改任何用户/业务数据,并可能使整个系统不可用。
CVSS Information
N/A
Vulnerability Type
N/A