Skip links
RedRays - Your SAP Security Solution
RedRays SAP Security Team

RedRays SAP Security Team

🔥🔥🔥 Join us for our upcoming training session at Black Hat MEA: "Securing SAP Systems: Expert Insights and Penetration Testing Techniques" 🛡️🔍

Export of Exchange Profile contains password, SAP security note 1418010

Description

User credentials disclosed during export of data from Exchange Profile.

Available fix and Supported packages

  • SAP_XITOOL | 3.0 | 3.0
  • SAP_XITOOL | 7.00 | 7.02
  • SAP_XITOOL | 7.10 | 7.11
  • SAP_XITOOL | 7.20 | 7.20
  • SAP_XITOOL | 7.30 | 7.30
  • XI TOOLS 3.0 | SP023 | 000009
  • XI TOOLS 3.0 | SP024 | 000009
  • XI TOOLS 3.0 | SP025 | 000006
  • XI TOOLS 3.0 | SP026 | 000004
  • XI TOOLS 3.0 | SP027 | 000001
  • XI TOOLS 3.0 | SP028 | 000003
  • XI TOOLS 3.0 | SP029 | 000000
  • XI TOOLS 7.00 | SP018 | 000014
  • XI TOOLS 7.00 | SP019 | 000022
  • XI TOOLS 7.00 | SP020 | 000014
  • XI TOOLS 7.00 | SP021 | 000002
  • XI TOOLS 7.00 | SP022 | 000000
  • XI TOOLS 7.00 | SP025 | 000004
  • XI TOOLS 7.01 | SP003 | 000012
  • XI TOOLS 7.01 | SP004 | 000010
  • XI TOOLS 7.01 | SP005 | 000010
  • XI TOOLS 7.01 | SP006 | 000001
  • XI TOOLS 7.01 | SP007 | 000000
  • XI TOOLS 7.02 | SP003 | 000000
  • XI TOOLS 7.10 | SP007 | 000032

Affected component

    BC-XI-IBD
    Integration Builder – Design

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1418010

TAGS

#Information-Disclosure
#XI(Exchange-Infrastructure)
#Exchange-Profile
#AIIProperties(Application-Integration-Infrastructure)
#ESR(Enterprise-Services-Repository)
#Integration-Builder-Tools
#PI(Process-Integration)

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer