Description
A malicious user can discover information relating to passwords being used to deliver SAP PI Runtime Workbench. This information could be used to allow the malicious user to specialize their attacks against passwords and SAP PI Runtime Workbench.
An attacker can discover information relating to passwords being used to deliver SAP PI Runtime Workbench. This information could be used to allow the attacker to specialize their attacks against passwords and SAP PI Runtime Workbench.
Available fix and Supported packages
- MESSAGING | 7.10 | 7.11
- MESSAGING | 7.20 | 7.20
- SAP_XITOOL | 7.10 | 7.11
- SAP_XIAF | 7.10 | 7.11
- MESSAGING SYSTEM SERVICE 7.10 | SP007 | 000037
- MESSAGING SYSTEM SERVICE 7.10 | SP008 | 000027
- MESSAGING SYSTEM SERVICE 7.10 | SP009 | 000035
- MESSAGING SYSTEM SERVICE 7.10 | SP010 | 000000
- MESSAGING SYSTEM SERVICE 7.11 | SP002 | 000016
- MESSAGING SYSTEM SERVICE 7.11 | SP003 | 000020
- MESSAGING SYSTEM SERVICE 7.11 | SP004 | 000011
- MESSAGING SYSTEM SERVICE 7.11 | SP005 | 000000
- MESSAGING SYSTEM SERVICE 7.20 | SP004 | 000000
- XI ADAPTER FRAMEWORK 7.10 | SP007 | 000037
- XI ADAPTER FRAMEWORK 7.10 | SP008 | 000030
- XI ADAPTER FRAMEWORK 7.10 | SP009 | 000016
- XI ADAPTER FRAMEWORK 7.10 | SP010 | 000000
- XI ADAPTER FRAMEWORK 7.11 | SP004 | 000015
- XI ADAPTER FRAMEWORK 7.11 | SP005 | 000000
- XI TOOLS 7.10 | SP010 | 000000
- XI TOOLS 7.11 | SP005 | 000000
Affected component
- BC-XI-IS-WKB
Runtime Workbench / Monitoring
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1433243
