QwikSec

Security Database

CVE

CWE

Training

CVE-2018-2481

Published: Nov 13, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In some SAP standard roles, in SAP_ABA versions, 7.00 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50, 75C to 75D, a transaction code reserved for customer is used. By implementing such transaction code a malicious user may execute unauthorized transaction functionality.

Vendor	Product	Versions
SAP	SAP_ABA	affected `= 7.00 to 7.02` affected `= 7.10 to 7.11` affected `= 7.30` affected `= 7.31` affected `= 7.40` +3 more versions

References

vdb-entry

x_refsource_BID

https://launchpad.support.sap.com/#/notes/2693083

x_refsource_MISC

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.