Skip links

Potential information disclosure relating to passwords, SAP security note 1433243

Description

A malicious user can discover information relating to passwords being used to deliver SAP PI Runtime Workbench. This information could be used to allow the malicious user to specialize their attacks against passwords and SAP PI Runtime Workbench.

An attacker can discover information relating to passwords being used to deliver SAP PI Runtime Workbench. This information could be used to allow the attacker to specialize their attacks against passwords and SAP PI Runtime Workbench.

Available fix and Supported packages

  • MESSAGING | 7.10 | 7.11
  • MESSAGING | 7.20 | 7.20
  • SAP_XITOOL | 7.10 | 7.11
  • SAP_XIAF | 7.10 | 7.11
  • MESSAGING SYSTEM SERVICE 7.10 | SP007 | 000037
  • MESSAGING SYSTEM SERVICE 7.10 | SP008 | 000027
  • MESSAGING SYSTEM SERVICE 7.10 | SP009 | 000035
  • MESSAGING SYSTEM SERVICE 7.10 | SP010 | 000000
  • MESSAGING SYSTEM SERVICE 7.11 | SP002 | 000016
  • MESSAGING SYSTEM SERVICE 7.11 | SP003 | 000020
  • MESSAGING SYSTEM SERVICE 7.11 | SP004 | 000011
  • MESSAGING SYSTEM SERVICE 7.11 | SP005 | 000000
  • MESSAGING SYSTEM SERVICE 7.20 | SP004 | 000000
  • XI ADAPTER FRAMEWORK 7.10 | SP007 | 000037
  • XI ADAPTER FRAMEWORK 7.10 | SP008 | 000030
  • XI ADAPTER FRAMEWORK 7.10 | SP009 | 000016
  • XI ADAPTER FRAMEWORK 7.10 | SP010 | 000000
  • XI ADAPTER FRAMEWORK 7.11 | SP004 | 000015
  • XI ADAPTER FRAMEWORK 7.11 | SP005 | 000000
  • XI TOOLS 7.10 | SP010 | 000000
  • XI TOOLS 7.11 | SP005 | 000000

Affected component

    BC-XI-IS-WKB
    Runtime Workbench / Monitoring

CVSS

Score: 0

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/1433243

TAGS

#Information-disclosure
#SAP-PI-Runtime-Workbench
#RWB