Description
When navigating from the enterprise search result page to customer factsheet, allows an attacker to access information which would otherwise be restricted.
Some well-known impacts of Information Disclosure are –
- loss of information and system configuration confidentiality
- information gathering for further exploits and attacks
Available fix and Supported packages
- S4CORE | 100 | 100
- S4CORE | 101 | 101
- S4CORE | 102 | 102
- S4CORE 102 | SAPK-10201INS4CORE |
- S4CORE 100 | SAPK-10006INS4CORE |
- S4CORE 101 | SAPK-10104INS4CORE |
Affected component
- LO-MD-BP-CM
Customer Master
CVSS
Score: 0
Exploit
Exploit is not available.
For detailed information please contact the mail [email protected]
URL
https://launchpad.support.sap.com/#/notes/2536422