Описание
While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could modify all the syslog data causing a complete compromise of integrity of the application.
Ссылки
- Permissions Required
- Vendor Advisory
- Permissions Required
- Vendor Advisory
Уязвимые конфигурации
Одно из
EPSS
4.9 Medium
CVSS3
Дефекты
Связанные уязвимости
While using a specific function, SAP ERP Defense Forces and Public Security - versions 600, 603, 604, 605, 616, 617, 618, 802, 803, 804, 805, 806, 807, allows an authenticated attacker with admin privileges to write arbitrary data to the syslog file. On successful exploitation, an attacker could modify all the syslog data causing a complete compromise of integrity of the application.
Уязвимость программного обеспечения SAP ERP Defense Forces and Public Security, связанная с неправильной обработкой выходных данных для журналов регистрации, позволяющая нарушителю перезаписать произвольные файлы
EPSS
4.9 Medium
CVSS3