Vulnerabilities > CVE-2013-6284 - Unspecified vulnerability in SAP ERP Central Component

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

sap

NVD

Published: 2013-10-26

Updated: 2013-10-28

Summary

Unspecified vulnerability in the Statutory Reporting for Insurance (FS_SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability."

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP ERP Central Component -	1

References

http://scn.sap.com/docs/DOC-8218
http://www.layersevensecurity.com/docs/Layer%20Seven%20Security_Advisory_September%202013.pdf
https://service.sap.com/sap/support/notes/