Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-3131

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2014-3131
Last Modified 10 May 2014 12:06:32
Published 30 Apr 2014 10:22:07
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2014-3131

Summary

SAP Profile Maintenance does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1.

Vulnerable Systems

Application

  • Sap Profile Maintenance -


References

CONFIRM - https://service.sap.com/sap/support/notes/1917381

MISC - http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-007

FULLDISC - 20140428 [Onapsis Security Advisory 2014-007] Missing authorization check in SAP Profile Maintenance

CONFIRM - http://scn.sap.com/docs/DOC-8218

BID - 67103


Last Updated: 27 May 2016 11:05:09