Description
An attacker can discover information relating to user password and name of user who uses NWDS to connect to NWDI server. This information could be used to allow the attacker to specialize their
attacks against NWDI server.
Available fix and Supported packages
- DI_CBS | 7.11 | 7.11
- DI_CBS | 7.20 | 7.20
- DI_CBS | 7.30 | 7.30
- DI_CLIENTS | 7.11 | 7.11
- DI_CLIENTS | 7.20 | 7.20
- DI_CLIENTS | 7.30 | 7.30
- NWCEIDE | 7.11 | 7.11
- NWCEIDE | 7.20 | 7.20
- NWCEIDE | 7.30 | 7.30
- DI CLIENTS 7.11 | SP002 | 000002
- DI CLIENTS 7.11 | SP003 | 000002
- DI CLIENTS 7.11 | SP004 | 000003
- DI CLIENTS 7.11 | SP005 | 000004
- DI CLIENTS 7.11 | SP006 | 000000
- DI CLIENTS 7.20 | SP001 | 000001
- DI CLIENTS 7.20 | SP002 | 000001
- DI CLIENTS 7.20 | SP003 | 000001
- DI CLIENTS 7.20 | SP004 | 000000
- DI COMPONENT BUILD SERVER 7.11 | SP002 | 000001
- DI COMPONENT BUILD SERVER 7.11 | SP003 | 000001
- DI COMPONENT BUILD SERVER 7.11 | SP004 | 000001
- DI COMPONENT BUILD SERVER 7.11 | SP005 | 000001
- DI COMPONENT BUILD SERVER 7.11 | SP006 | 000000
- DI COMPONENT BUILD SERVER 7.20 | SP001 | 000001
- DI COMPONENT BUILD SERVER 7.20 | SP002 | 000001
- DI COMPONENT BUILD SERVER 7.20 | SP003 | 000001
- DI COMPONENT BUILD SERVER 7.20 | SP004 | 000000
- NW CE DEVELOPER STUDIO 7.11 | SP002 | 000012
- NW CE DEVELOPER STUDIO 7.11 | SP003 | 000008
Affected component
- BC-CTS-DI
Development Infrastructure (NetWeaver Java)
CVSS
Score: 0
Exploit
Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.
URL
https://launchpad.support.sap.com/#/notes/1495675
