← back
CVE-2014-3133

CVE-2014-3133

EPSS 2.1%
SAP Netweaver Java Application Server does not properly restrict access, which allows remote attackers to obtain the list of SAP systems registered on an SLD via an unspecified webdynpro, related to SystemSelection.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://scn.sap.com/docs/DOC-8218http://seclists.org/fulldisclosure/2014/Apr/301https://service.sap.com/sap/support/notes/1922547http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-008http://www.securityfocus.com/bid/67104