CVE-2014-8668 Information

Description

SQL injection vulnerability in SAP Contract Accounting allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Reference

http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition/ http://service.sap.com/sap/support/notes/0002022179 http://www.securityfocus.com/bid/71032 https://exchange.xforce.ibmcloud.com/vulnerabilities/98612