Unrated severityNVD Advisory· Published May 1, 2013· Updated Jun 16, 2026
CVE-2013-3061
CVE-2013-3061
Description
The ISHMED-PATRED_TRANSACT_RFCCALL function in the IS-H Industry-Specific Component Hospital subsystem in SAP Healthcare Industry Solution, and the SAP ERP central component (aka ECC 6), allows remote authenticated users to bypass intended transaction restrictions via unspecified vectors.
Affected products
4cpe:2.3:a:sap:erp_central_component:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sap:erp_central_component:-:*:*:*:*:*:*:*
- (no CPE)range: ECC 6
cpe:2.3:a:sap:healthcare_industry_solution:-:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:sap:healthcare_industry_solution:-:*:*:*:*:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
4- archives.neohapsis.com/archives/bugtraq/2013-04/0176.htmlnvdBroken Link
- scn.sap.com/docs/DOC-8218nvdBroken Link
- www.esnc.de/sap-security-audit-and-scan-services/security-advisories/36-privilege-escalation-in-sap-is-healthcarenvdBroken Link
- service.sap.com/sap/support/notes/1691744nvdPermissions Required
News mentions
0No linked articles in our index yet.