Vulnerability Description
The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Erp Central Component | - |
| Sap | Healthcare Industry Solution | - |
Related Weaknesses (CWE)
References
- http://archives.neohapsis.com/archives/bugtraq/2013-04/0176.htmlBroken Link
- http://scn.sap.com/docs/DOC-8218Broken Link
- http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/36-pBroken Link
- https://service.sap.com/sap/support/notes/1691744Permissions Required
- http://archives.neohapsis.com/archives/bugtraq/2013-04/0176.htmlBroken Link
- http://scn.sap.com/docs/DOC-8218Broken Link
- http://www.esnc.de/sap-security-audit-and-scan-services/security-advisories/36-pBroken Link
- https://service.sap.com/sap/support/notes/1691744Permissions Required
FAQ
What is CVE-2013-3061?
CVE-2013-3061 is a vulnerability with a CVSS score of 6.5 (MEDIUM). The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remote...
How severe is CVE-2013-3061?
CVE-2013-3061 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2013-3061?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Erp Central Component, Sap Healthcare Industry Solution.