SAP Identity Management 2.0 Remote Code Execution Vulnerability
Under certain conditions, it is possible to request the modification of role or privilege assignments through SAP Identity Management REST Interface Version 2, which would otherwise be restricted only for viewing.
The information has been provided by .
The original article can be found at: https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032
SAP Identity Management is prone to a remote code-execution vulnerability.This allows a remote attacker to exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.
- SAP Identity Management 2.0