Skip links
Arpine Maghakyan

Arpine Maghakyan

Security Researcher of RedRays.

Potential information disclosure relating to ABAP Debugger, SAP security note 2180403

Description

An attacker can discover information relating to SAP internal and technical components using the ABAP Debugger. This information could be used to allow the attacker to specialize their attacks against SAP application server ABAP.

Available fix and Supported packages

  • KRNL32NUC | 7.21 | 7.21
  • KRNL32NUC | 7.21EXT | 7.21EXT
  • KRNL32UC | 7.21 | 7.21
  • KRNL32UC | 7.21EXT | 7.21EXT
  • KRNL64NUC | 7.21 | 7.21
  • KRNL64NUC | 7.21EXT | 7.21EXT
  • KRNL64NUC | 7.41 | 7.41
  • KRNL64NUC | 7.42 | 7.42
  • KRNL64NUC | 7.43 | 7.43
  • KRNL64NUC | 7.22 | 7.22
  • KRNL64NUC | 7.22EXT | 7.22EXT
  • KRNL64UC | 7.21 | 7.21
  • KRNL64UC | 7.21EXT | 7.21EXT
  • KRNL64UC | 7.41 | 7.41
  • KRNL64UC | 7.42 | 7.42
  • KRNL64UC | 7.43 | 7.43
  • KRNL64UC | 7.22 | 7.22
  • KRNL64UC | 7.22EXT | 7.22EXT
  • KERNEL | 7.21 | 7.22
  • KERNEL | 7.41 | 7.41
  • SAP KERNEL 7.21 32-BIT | SP517 | 000517
  • SAP KERNEL 7.21 32-BIT UNICODE | SP517 | 000517
  • SAP KERNEL 7.21 64-BIT | SP517 | 000517
  • SAP KERNEL 7.21 64-BIT UNICODE | SP517 | 000517
  • SAP KERNEL 7.21 EXT 32-BIT | SP517 | 000517
  • SAP KERNEL 7.21 EXT 32-BIT UC | SP517 | 000517
  • SAP KERNEL 7.21 EXT 64-BIT | SP517 | 000517
  • SAP KERNEL 7.21 EXT 64-BIT UC | SP517 | 000517
  • SAP KERNEL 7.22 64-BIT | SP007 | 000007
  • SAP KERNEL 7.22 64-BIT UNICODE | SP007 | 000007
  • SAP KERNEL 7.22 EXT 64-BIT | SP007 | 000007
  • SAP KERNEL 7.22 EXT 64-BIT UC | SP007 | 000007
  • SAP KERNEL 7.41 64-BIT | SP224 | 000224
  • SAP KERNEL 7.41 64-BIT UNICODE | SP224 | 000224
  • SAP KERNEL 7.42 64-BIT | SP210 | 000210
  • SAP KERNEL 7.42 64-BIT UNICODE | SP210 | 000210
  • SAP KERNEL 7.43 64-BIT UNICODE | SP026 | 000026

Affected component

    BC-DWB-TOO-DBG
    Debugger

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2180403

TAGS

#Information-disclosure
#password
#debugger

More to explorer

SAP Cloud Connector Certificate Validation Issue

Date of Release: February 13, 2024 Advisory ID: CVE-2024-25642 Affected Software: SAP Cloud Connector Versions Affected: 2.15.0 to 2.16.1 Vulnerability Summary:A critical vulnerability,