漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Code Injection vulnerability in SAP Landscape Transformation
Vulnerability Description
SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or degree. This leads to a low impact on integrity, while confidentiality and availability are not impacted.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
对生成代码的控制不恰当(代码注入)
Vulnerability Title
SAP Landscape Transformation 代码注入漏洞
Vulnerability Description
SAP Landscape Transformation是德国思爱普(SAP)公司的一个用于系统数据迁移与整合的工具。 SAP Landscape Transformation存在代码注入漏洞,该漏洞源于RFC暴露函数模块存在漏洞,可能导致注入任意ABAP代码和操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A