Potential information disclosure relating to UserID, SAP security note 2073000

Description

An attacker can discover information relating to CRM-IC-FRW who uses POLLING.
This information could be used to allow the attacker to specialize their attacks against CRM-IC-FRW and POLLING.

Available fix and Supported packages

CRMUIF | 600 | 600
WEBCUIF | 700 | 700
WEBCUIF | 701 | 701
WEBCUIF | 731 | 731
WEBCUIF | 730 | 730
WEBCUIF | 746 | 746
WEBCUIF | 747 | 747
CRMUIF 600 | SAPK-60020INCRMUIF |
WEBCUIF 700 | SAPK-70017INWEBCUIF |
WEBCUIF 730 | SAPK-73009INWEBCUIF |
WEBCUIF 701 | SAPK-70114INWEBCUIF |
WEBCUIF 731 | SAPK-73114INWEBCUIF |
WEBCUIF 746 | SAPK-74609INWEBCUIF |
WEBCUIF 747 | SAPK-74707INWEBCUIF |

Affected component

CVSS

Score: 0

PoC

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2073000

Vahagn Vardanian

Potential information disclosure relating to UserID, SAP security note 2073000

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#Information-disclosure
#CRM-IC-FRW

More to explorer

SAP Security Patch Day – November 2024

How the SAP Penetration Testing Process at RedRays Works

Local Privilege Escalation Vulnerability in SAP SAPControl

[PoC] SAP PING PONG – XSS and URL Redirection Vulnerabilities

Vahagn Vardanian

Potential information disclosure relating to UserID, SAP security note 2073000

Description

Available fix and Supported packages

Affected component

CVSS

PoC

URL

TAGS

#Information-disclosure#CRM-IC-FRW

More to explorer

SAP Security Patch Day – November 2024

How the SAP Penetration Testing Process at RedRays Works

Local Privilege Escalation Vulnerability in SAP SAPControl

[PoC] SAP PING PONG – XSS and URL Redirection Vulnerabilities

Special offer for SAP Security Udemy course!

$ 9.99

#Information-disclosure
#CRM-IC-FRW