Symptom
- Due to the fact that there is no restriction of user input in command admin echo, 'context', with log, replication server is threatened by log injection attack.
- So just restrict users from input more than 1 '\n' in admin echo command.
Read more...
Environment
- SAP Replication Server (SRS) 16.0
Product
SAP Replication Server 16.0
Keywords
CR827712, CR#827712, 827712, admin echo , KBA , BC-SYB-REP , Sybase Replication Server (standalone) , BC-SYB-REP-HET , Replication Server Heterogeneous Edition (RSHE) , BC-SYB-REP-RTL , Rep Server Real-Time Loading Edition (RTLE) , BC-SYB-REP-RSO , Rep Server Options (RSO) , BC-SYB-REP-ME , Replication Server Messaging Edition (RSME) , Product Enhancement
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.