Tomcat on MSA accessible from the network, SAP security note 1525994

Description

The Apache Tomcat server delivered with SAP CRM Mobile Sales, which is required by the IPC (Internet Pricing & Configuration) user interface is accessible from the network. It could be abused by a malicious user on the network to read and modify data.

Available fix and Supported packages

APACHETOMCAT | 6.0 | 6.0
APACHETOMCAT | 5.5 | 5.5

Affected component

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/1525994

Arpine Maghakyan

Tomcat on MSA accessible from the network, SAP security note 1525994

Description

Available fix and Supported packages

Affected component

CVSS

Exploit

URL

TAGS

#MSA
#access-restriction
#localhost

More to explorer

SAP Security Patch Day – April 2024

SAP Security Patch Day – March 2024

SAP Cloud Connector Certificate Validation Issue

Critical XSS Vulnerability Identified in SAP NetWeaver AS Java

Arpine Maghakyan

Tomcat on MSA accessible from the network, SAP security note 1525994

Description

Available fix and Supported packages

Affected component

CVSS

Exploit

URL

TAGS

#MSA#access-restriction#localhost

More to explorer

SAP Security Patch Day – April 2024

SAP Security Patch Day – March 2024

SAP Cloud Connector Certificate Validation Issue

Critical XSS Vulnerability Identified in SAP NetWeaver AS Java

#MSA
#access-restriction
#localhost