SAP ABAP Reports Input Validation Vulnerability Allowing Arbitrary Database Table Deletion

A vulnerability exists in SAP ABAP reports due to inadequate input validation. An attacker with high privilege access could exploit this flaw to delete the contents of arbitrary database tables, provided those tables are not safeguarded by an authorization group. This vulnerability significantly impacts the integrity and availability of the database.

Impact

Exploitation of this vulnerability could result in the unauthorized deletion of database table contents, compromising the integrity and availability of the affected database.

Remediation

Users are advised to review and implement the SAP Security Note associated with this vulnerability. This can be done through the SAP for Me platform, specifically in the Security Notes section. For guidance on accessing and applying SAP Security Notes, refer to the SAP Security Notes FAQs.