SAP Knowledge Base Article - Preview

3355741 - Limit only one line of message could be injected by SAP Replication Server command 'admin echo' - SRS


  • Due to the fact that there is no restriction of user input in command admin echo, 'context', with log, replication server is threatened by log injection attack.
  • So just restrict users from input more than 1 '\n' in admin echo command.



  • SAP Replication Server (SRS) 16.0


SAP Replication Server 16.0


CR827712, CR#827712, 827712, admin echo , KBA , BC-SYB-REP , Sybase Replication Server (standalone) , BC-SYB-REP-HET , Replication Server Heterogeneous Edition (RSHE) , BC-SYB-REP-RTL , Rep Server Real-Time Loading Edition (RTLE) , BC-SYB-REP-RSO , Rep Server Options (RSO) , BC-SYB-REP-ME , Replication Server Messaging Edition (RSME) , Product Enhancement

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.