CVE-2015-5067
CVE-2015-5067
The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.htmlhttp://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.htmlhttp://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/http://www.securityfocus.com/bid/75165