// For flags

CVE-2013-3061

 

Severity Score

6.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors.

La función ishmed-PATRED_TRANSACT_RFCCALL en el componente Industry-Specific Component Hospital IS-H en la solución SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), permite a los usuarios remotos autenticados evitar las restricciones de operación que se pretende a través de vectores no especificados.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-04-15 CVE Reserved
  • 2013-04-16 CVE Published
  • 2023-09-27 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-264: Permissions, Privileges, and Access Controls
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Sap
Search vendor "Sap"
Erp Central Component
Search vendor "Sap" for product "Erp Central Component"
--
Affected
Sap
Search vendor "Sap"
Healthcare Industry Solution
Search vendor "Sap" for product "Healthcare Industry Solution"
--
Affected