ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and INST_CREATE_TCPIP_RFC_DEST in SAP BASIS (fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53) do not perform necessary authorization checks in all circumstances for an authenticated user, resulting in escalation of privileges.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2019-04-10T20:17:27
Updated: 2024-08-04T17:44:16.179Z
Reserved: 2018-11-26T00:00:00
Link: CVE-2019-0279
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2019-04-10T21:29:01.153
Modified: 2020-08-24T17:37:01.140
Link: CVE-2019-0279
Redhat
No data.