SAF-T Framework Transaction SAFTN_G allows an malicious user to exploit insufficient validation of path information provided by normal user, leading to full server directory access. The attacker can see the whole filesystem structure but cannot overwrite, delete, or corrupt arbitrary files on the server.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap saf-t framework 103 |
||
sap saf-t framework 104 |
||
sap saf-t framework 105 |
||
sap saf-t framework 602 |
||
sap saf-t framework 603 |
||
sap saf-t framework 604 |
||
sap saf-t framework 605 |
||
sap saf-t framework 606 |
||
sap saf-t framework 618 |
||
sap saf-t framework 720 |
||
sap saf-t framework 730 |
||
sap saf-t framework s4core_102 |
||
sap saf-t framework sap_appl_600 |
||
sap saf-t framework sap_fin_617 |