Sunday, February 28, 2021

SAP CTC Service Verb Tampering User Management

Description
This module exploits an authentication bypass vulnerability in SAP NetWeaver CTC service. The service is vulnerable to verb tampering allowing for unauthorised OS user management. Information about resolution should be available at SAP notes 1589525 and 1624450 (authentication required). Author(s)
  • Alexandr Polyakov
  • nmonkee

NoneNone
 

Copyright © 2020 Cyber Details - Vulnerability Database™

Thanks for everything Templateism - You should have written the code a little more complicated