CNNVD-202601-2342 Information

CNNVD ID

CNNVD-202601-2342

Related CVE

CVE-2026-0491

• CNNVD Published: 2026-01-13

Description (Chinese)

SAP Landscape Transformation是德国思爱普（SAP）公司的一个用于系统数据迁移与整合的工具。 SAP Landscape Transformation存在代码注入漏洞，该漏洞源于攻击者可通过RFC暴露的函数模块注入任意ABAP代码或OS命令，绕过授权检查，可能导致系统完全被破解。

Description (English)

SAP Landscape Transport is a tool for system data migration and integration by SAP Germany. SAP Landscape Transformation has a code leak, which stems from the fact that the assailant can inject any AMAP code or OS command through a function module exposed by the RFC, bypassing an authorized inspection, which may lead to a complete breakdown of the system.

Hazard Level

Low

Vulnerability Type

代码注入

Affected Vendor

思爱普

Published

2026-01-13

Last Modified

2026-02-24

References

https://me.sap.com/notes/3697979 https://url.sap/sapsecuritypatchday

Patch

https://url.sap/sapsecuritypatchday