SSD Advisory – SAP Afaria SQL Injection

Vulnerabilities Summary
The following advisory describes an SQL injection vulnerabilities in the SAP Afaria Service Pack 4 HotFix 15 that can lead to execute arbitrary code.

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Responses
SAP Afaria has released patch to address the vulnerability – SP5

Continue reading SSD Advisory – SAP Afaria SQL Injection