Privilege Escalation in SAP Healthcare Industry Solution by SAP
CVE-2013-3061

Currently unrated

Key Information:

Vendor
SAP
Status
Healthcare Industry Solution
Erp Central Component
Vendor
CVE Published:
1 May 2013

Summary

The ISHMED-PATRED_TRANSACT_RFCCALL function within the IS-H Industry-Specific Component for SAP's Healthcare Industry Solution and the SAP ERP central component (ECC 6) is susceptible to a vulnerability that enables remote authenticated users to bypass crucial transaction limitations. This flaw poses a significant risk as it may allow unauthorized actions that compromise the integrity and confidentiality of sensitive healthcare information. Proper measures should be taken to mitigate this issue and ensure that transaction restrictions are enforced.

References

https://service.sap.com/sap/support/notes/1691744
x_refsource_MISC
http://www.esnc.de/sap-security-audit-and-scan-services/s...
x_refsource_MISC
http://scn.sap.com/docs/DOC-8218
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.