SAP Capital Yield Tax Management Directory Traversal Vulnerability Allowing Unauthorized File Access
Vulnerability
A directory traversal vulnerability has been identified in SAP Capital Yield Tax Management. This issue arises from inadequate path validation, potentially enabling an attacker with low privileges to access files in restricted directories. The vulnerability poses a significant risk to confidentiality, as it could lead to unauthorized disclosure of sensitive information. However, it does not impact the integrity or availability of the system.
Impact
Exploitation of this vulnerability could result in unauthorized access to files, allowing attackers to read sensitive information from directories they should not have access to.
Remediation
Users are advised to review and implement the SAP Security Note associated with this vulnerability. This can be done through the SAP for Me platform, where all Security Notes are available. For guidance on accessing and applying SAP Security Notes, refer to the SAP Security Notes FAQs.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.