Описание
SAP Landscape Transformation allows an attacker with admin privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code/OS commands into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.
EPSS
9.1 Critical
CVSS3
Дефекты
Связанные уязвимости
SAP Landscape Transformation allows an attacker with admin privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code/OS commands into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating the risk of full system compromise, undermining the confidentiality, integrity and availability of the system.
Уязвимость интерфейса Remote Function Call (RFC) программного инструмента для управления изменениями и миграциями SAP Landscape Transformation (SLT), позволяющая нарушителю обойти ограничения безопасности, выполнить произвольный код и получить полный контроль над системой
EPSS
9.1 Critical
CVSS3