Description
- The Log Viewer Server prints a warning that it is not protected by authorization checks; this allows logs to be monitored or spied. We strongly recommend that you configure your firewall to allow connections on port 1099 and 26000 only, from a dedicated SMD host or administrative systems.
Available fix and Supported packages
- JLOGVIEW | 7.00 | 7.02
- JLOGVIEW | 6.40 | 6.40
- JAVA LOG VIEWER 7.00 | SP022 | 000000
- JAVA LOG VIEWER 7.01 | SP007 | 000000
- JAVA LOG VIEWER 7.02 | SP003 | 000000
- SAP JAVA LOG VIEWER 6.40 | SP026 | 000000
Affected component
- BC-JAS-ADM-LOG-LGV
Please use component BC-JAS-ADM-LOG
CVSS
Score: 0
PoC
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1396998