Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, allow an attacker with high privileges and has direct access to SAP System, to inject code when executing with a certain transaction class builder. This could allow execution of arbitrary commands on the operating system, that could highly impact the Confidentiality, Integrity and Availability of the system.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap netweaver application server abap 702 |
||
sap netweaver application server abap 750 |
||
sap netweaver application server abap 752 |
||
sap netweaver application server abap 753 |
||
sap netweaver application server abap 754 |
||
sap netweaver application server abap 755 |
||
sap netweaver application server abap 756 |
||
sap netweaver application server abap 700 |
||
sap netweaver application server abap 710 |
||
sap netweaver application server abap 701 |
||
sap netweaver application server abap 711 |
||
sap netweaver application server abap 730 |
||
sap netweaver application server abap 731 |
||
sap netweaver application server abap 740 |
||
sap netweaver application server abap 751 |