Live Breaking News & Updates on Patch Critical Flaw


SAP Commerce Product Has Vulnerability


BankInfoSecurity
(@prajeetspeaks) • February 12, 2021
SAP has issued a patch and remediation advice for a critical remote code execution vulnerability in its SAP Commerce product that could, if exploited, disrupt the entire system.
SAP Commerce organizes data, such as product information, to be propagated across communication channels.
Due to a misconfiguration of the default user permissions that are shipped with SAP Commerce, several lower-privileged users and user groups gain permissions to change DroolsRule ruleContents and thus gain unintended access to these scripting facilities, says Thomas Fritsch of Onapsis Research Labs.
This vulnerability could enable unauthorized users to inject malicious code into these scripts, resulting in a strong negative impact on the application’s co ....
