Multiple unspecified vulnerabilities in the CJDB_FILL_MEMORY_FROM_PPB function in the Project System (PS-IS) module for SAP ERP Central Component (ECC) allow remote attackers to execute arbitrary code via a (1) RFC or (2) SOAP-RFC request.
References
Configurations
History
21 Nov 2024, 01:53
Type | Values Removed | Values Added |
---|---|---|
References | () http://scn.sap.com/docs/DOC-8218 - | |
References | () http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/58-remote-code-injection-in-sap-erp-project-system.html - | |
References | () https://service.sap.com/sap/support/notes/1776695 - |
Information
Published : 2013-10-24 00:55
Updated : 2024-11-21 01:53
NVD link : CVE-2013-3244
Mitre link : CVE-2013-3244
CVE.ORG link : CVE-2013-3244
JSON object : View
Products Affected
sap
- erp_central_component
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')