Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap abap platform 7.50 |
||
sap abap platform 7.40 |
||
sap abap platform 7.31 |
||
sap abap platform 700 |
||
sap abap platform 701 |
||
sap abap platform 702 |
||
sap abap platform 710 |
||
sap abap platform 711 |
||
sap abap platform 751 |
||
sap abap platform 753 |
||
sap abap platform 755 |
||
sap netweaver application server abap 700 |
||
sap netweaver application server abap 701 |
||
sap netweaver application server abap 702 |
||
sap netweaver application server abap 710 |
||
sap netweaver application server abap 711 |
||
sap netweaver application server abap 731 |
||
sap netweaver application server abap 740 |
||
sap netweaver application server abap 750 |
||
sap netweaver application server abap 751 |
||
sap netweaver application server abap 753 |
||
sap netweaver application server abap 755 |