Remote Code Execution Vulnerability in SAP ERP Central Component
CVE-2013-3244

Currently unrated

Key Information:

Vendor: SAP
Status: Erp Central Component
Vendor: CVE Published:; 24 October 2013

Summary

The Project System (PS-IS) module in SAP ERP Central Component has multiple undisclosed vulnerabilities in the CJDB_FILL_MEMORY_FROM_PPB function. These flaws empower remote attackers to potentially execute arbitrary code through specially crafted RFC or SOAP-RFC requests. As such, this vulnerability poses significant risks, necessitating immediate attention and patching to secure SAP ECC systems against unauthorized access and execution.

References

https://service.sap.com/sap/support/notes/1776695

x_refsource_MISC

http://scn.sap.com/docs/DOC-8218

x_refsource_CONFIRM

http://www.esnc.de/sap-security-audit-and-scan-services/s...

x_refsource_MISC

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 24, 2013