CVE-2013-3061

The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:erp_central_component:-:*:*:*:*:*:*:*
cpe:2.3:a:sap:healthcare_industry_solution:-:*:*:*:*:*:*:*

History

21 Nov 2024, 01:52

Type Values Removed Values Added
References () http://archives.neohapsis.com/archives/bugtraq/2013-04/0176.html - Broken Link () http://archives.neohapsis.com/archives/bugtraq/2013-04/0176.html - Broken Link
References () http://scn.sap.com/docs/DOC-8218 - Broken Link () http://scn.sap.com/docs/DOC-8218 - Broken Link
References () http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/36-privilege-escalation-in-sap-is-healthcare - Broken Link () http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/36-privilege-escalation-in-sap-is-healthcare - Broken Link
References () https://service.sap.com/sap/support/notes/1691744 - Permissions Required () https://service.sap.com/sap/support/notes/1691744 - Permissions Required

26 Sep 2023, 20:09

Type Values Removed Values Added
First Time Sap erp Central Component
CPE cpe:2.3:a:sap:erp_cental_component:-:*:*:*:*:*:*:* cpe:2.3:a:sap:erp_central_component:-:*:*:*:*:*:*:*
References (MISC) https://service.sap.com/sap/support/notes/1691744 - (MISC) https://service.sap.com/sap/support/notes/1691744 - Permissions Required
References (MISC) http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/36-privilege-escalation-in-sap-is-healthcare - (MISC) http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/36-privilege-escalation-in-sap-is-healthcare - Broken Link
References (CONFIRM) http://scn.sap.com/docs/DOC-8218 - (CONFIRM) http://scn.sap.com/docs/DOC-8218 - Broken Link
References (BUGTRAQ) http://archives.neohapsis.com/archives/bugtraq/2013-04/0176.html - (BUGTRAQ) http://archives.neohapsis.com/archives/bugtraq/2013-04/0176.html - Broken Link

Information

Published : 2013-05-01 12:00

Updated : 2024-11-21 01:52


NVD link : CVE-2013-3061

Mitre link : CVE-2013-3061

CVE.ORG link : CVE-2013-3061


JSON object : View

Products Affected

sap

  • healthcare_industry_solution
  • erp_central_component
CWE
CWE-264

Permissions, Privileges, and Access Controls