Unrated severityNVD Advisory· Published May 1, 2013· Updated Apr 29, 2026

CVE-2013-3061

Description

The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors.

Affected products

SAP/ERP Central Component
cpe:2.3:a:sap:erp_central_component:-:*:*:*:*:*:*:*
SAP/Healthcare Industry Solution
cpe:2.3:a:sap:healthcare_industry_solution:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

archives.neohapsis.com/archives/bugtraq/2013-04/0176.htmlnvdBroken Link
scn.sap.com/docs/DOC-8218nvdBroken Link
www.esnc.de/sap-security-audit-and-scan-services/security-advisories/36-privilege-escalation-in-sap-is-healthcarenvdBroken Link
service.sap.com/sap/support/notes/1691744nvdPermissions Required

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000