Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Credit card data is stored in the log file, SAP security note 627649


Credit card information which is relevant for safety may be written to the J2EE engine log file isa.log (in the WEB-INF/log directory).
This data can be misused by persons who are authorized or not authorized to access the log files and it is a possible safety hazard. This affects both ISA for CRM and ISA for R/3.

Available fix and Supported packages

  • BBPCRM | 300 | 300
  • BBPCRM | 310 | 310
  • BBPCRM | 400 | 400

Affected component

    Shopping Basket and Order Entry


Score: 0


Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.




More to explorer

SAP Cloud Connector Certificate Validation Issue

Date of Release: February 13, 2024 Advisory ID: CVE-2024-25642 Affected Software: SAP Cloud Connector Versions Affected: 2.15.0 to 2.16.1 Vulnerability Summary:A critical vulnerability,