Lucene search
HistoryMay 01, 2013 - 12:00 p.m.
CVE-2013-3061
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.2
Confidence
Low
EPSS
0.002
Percentile
61.7%
The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors.
Affected configurations
Node
saperp_central_componentMatch-
ORsaphealthcare_industry_solutionMatch-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sap | erp_central_component | - | cpe:2.3:a:sap:erp_central_component:-:*:*:*:*:*:*:* |
| sap | healthcare_industry_solution | - | cpe:2.3:a:sap:healthcare_industry_solution:-:*:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2013-3061
2013-05-01 10:00:00
cve
cve
CVE-2013-3061
2013-05-01 12:00:10
securityvulns
securityvulns
[ESNC-2013-001] Privilege Escalation in SAP Healthcare Industry Solution
2013-04-22 00:00:00
SAP applications multiple security vulnerabilities
2013-04-22 00:00:00
prion
prion
Design/Logic Flaw
2013-05-01 12:00:00
CVSS2
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
AI Score
6.2
Confidence
Low
EPSS
0.002
Percentile
61.7%
Related for NVD:CVE-2013-3061