Skip links
🔥🔥🔥 Join us for our upcoming training session at Black Hat MEA: "Securing SAP Systems: Expert Insights and Penetration Testing Techniques" 🛡️🔍

Credit card data is stored in the log file, SAP security note 627649


Credit card information which is relevant for safety may be written to the J2EE engine log file isa.log (in the WEB-INF/log directory).
This data can be misused by persons who are authorized or not authorized to access the log files and it is a possible safety hazard. This affects both ISA for CRM and ISA for R/3.

Available fix and Supported packages

  • BBPCRM | 300 | 300
  • BBPCRM | 310 | 310
  • BBPCRM | 400 | 400

Affected component

    Shopping Basket and Order Entry


Score: 0


Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.




How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer