Skip links
RedRays - Your SAP Security Solution
RedRays SAP Security Team

RedRays SAP Security Team

🔥🔥🔥 Join us for our upcoming training session at Black Hat MEA: "Securing SAP Systems: Expert Insights and Penetration Testing Techniques" 🛡️🔍

BW Workspaces Analysis authorization during modeling and running local hierarchies, SAP security note 2389764

Description

Under certain conditions BW Workspaces allows an attacker to access information which would otherwise be restricted.

Some well-known impacts of Information Disclosure are –

  • loss of information and system configuration confidentiality
  • information gathering for further exploits and attacks 

Available fix and Supported packages

  • DW4CORE | 100 | 100
  • SAP_BW | 740 | 740
  • SAP_BW | 750 | 751
  • DW4CORE 100 | SAPK-10003INDW4CORE |
  • SAP_BW 740 | SAPKW74017 |
  • SAP_BW 750 | SAPK-75008INSAPBW |

Affected component

    BW-BEX-OT-WSP
    BW Workspace

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2389764

TAGS

#Information-Exposure
#Information-Leak

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer