The BW Database Interface does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges that allows the user to practically read out any database table.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap business warehouse 731 |
||
sap business warehouse 740 |
||
sap business warehouse 750 |
||
sap business warehouse 751 |
||
sap business warehouse 752 |
||
sap business warehouse 753 |
||
sap business warehouse 754 |
||
sap business warehouse 755 |
||
sap business warehouse 782 |
||
sap business warehouse 730 |
||
sap business warehouse 711 |
||
sap business warehouse 710 |
That aside, enjoy the light load of 56 vulns in Windows and other code Rubbish software security patches responsible for a quarter of zero-days last year
Patch Tuesday For its February Patch Day, Microsoft released security advisories covering 56 CVE-assigned vulnerabilities, 11 of them rated critical. In doing so, the Windows giant managed to publish a misspelled URL on the landing page for its February updates that instead of taking visitors to the intended Microsoft Security Response Center post about API changes, pointed to msrc-blog.microosft.com, which turns out to be a typo-bait domain. It redirects visitors to a findanswersnow.net search ...