SAP Business Warehouse and SAP Plug-In Basis Arbitrary Table Drop Vulnerability

A vulnerability exists in SAP Business Warehouse and SAP Plug-In Basis that allows authenticated attackers to drop arbitrary SAP database tables. This action could lead to data loss or cause the system to become unusable. Exploitation of this vulnerability enables attackers to completely delete database entries, although they cannot read any data.

Impact

Successful exploitation allows for the arbitrary deletion of database tables, potentially leading to significant data loss or system instability.

Remediation

Users are advised to review and implement the SAP Security Note associated with this vulnerability. This can be done through the SAP for Me platform, specifically in the Security Notes section. For guidance on accessing and applying SAP Security Notes, refer to the SAP Security Notes FAQs.