Potential information disclosure relating to passwords, SAP security note 1433243
Description
A malicious user can discover information relating to passwords being used to deliver SAP PI Runtime Workbench. This information could be used to allow the malicious user to specialize their attacks against passwords and SAP PI Runtime Workbench.
An attacker can discover information relating to passwords being used to deliver SAP PI Runtime Workbench. This information could be used to allow the attacker to specialize their attacks against passwords and SAP PI Runtime Workbench.
Available fix and Supported packages
- MESSAGING | 7.10 | 7.11
- MESSAGING | 7.20 | 7.20
- SAP_XITOOL | 7.10 | 7.11
- SAP_XIAF | 7.10 | 7.11
- MESSAGING SYSTEM SERVICE 7.10 | SP007 | 000037
- MESSAGING SYSTEM SERVICE 7.10 | SP008 | 000027
- MESSAGING SYSTEM SERVICE 7.10 | SP009 | 000035
- MESSAGING SYSTEM SERVICE 7.10 | SP010 | 000000
- MESSAGING SYSTEM SERVICE 7.11 | SP002 | 000016
- MESSAGING SYSTEM SERVICE 7.11 | SP003 | 000020
- MESSAGING SYSTEM SERVICE 7.11 | SP004 | 000011
- MESSAGING SYSTEM SERVICE 7.11 | SP005 | 000000
- MESSAGING SYSTEM SERVICE 7.20 | SP004 | 000000
- XI ADAPTER FRAMEWORK 7.10 | SP007 | 000037
- XI ADAPTER FRAMEWORK 7.10 | SP008 | 000030
- XI ADAPTER FRAMEWORK 7.10 | SP009 | 000016
- XI ADAPTER FRAMEWORK 7.10 | SP010 | 000000
- XI ADAPTER FRAMEWORK 7.11 | SP004 | 000015
- XI ADAPTER FRAMEWORK 7.11 | SP005 | 000000
- XI TOOLS 7.10 | SP010 | 000000
- XI TOOLS 7.11 | SP005 | 000000
Affected component
- BC-XI-IS-WKB
Runtime Workbench / Monitoring
CVSS
Score: 0
Exploit
Exploit is not available.
For detailed information please contact the mail [email protected]
URL
https://launchpad.support.sap.com/#/notes/1433243