漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
SQL Injection vulnerability in SAP Business Planning and Consolidation and SAP Business Warehouse
Vulnerability Description
Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete database data. This leads to a high impact on the confidentiality, integrity, and availability of the system.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
SAP Business Planning and Consolidation和SAP Business Warehouse SQL注入漏洞
Vulnerability Description
SAP Business Planning and Consolidation和SAP Business Warehouse都是德国思爱普(SAP)公司的产品。SAP Business Planning and Consolidation是一款商业计划和整合软件。该软件提供预算编制、预测和财务合并功能。SAP Business Warehouse是用于执行业务流程的关键组件,它允许用户设计、实施和管理业务流程,确保流程的合规性,并通过自动化减少手动操作的需要。 SAP Business Planning
CVSS Information
N/A
Vulnerability Type
N/A