Excessive Authorization in SAP Solution Manager 7.20 Role SAP_BPO_CONFIG

Excessive Authorization in SAP Solution Manager 7.20 Role SAP_BPO_CONFIG

CVE-2018-2361 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

In SAP Solution Manager 7.20, the role SAP_BPO_CONFIG gives the Business Process Operations (BPO) configuration user more authorization than required for configuring the BPO tools.

Learn more about our User Device Pen Test.