SAP Supplier Relationship Management (SRM) is a supplier relationship management solution from SAP. The product automates purchasing and acquisition processes within an organization and between suppliers, and provides functions such as invoicing. An information disclosure vulnerability exists in SAP Supplier Relationship Management versions 600, 602, 603, 604, 605, 606, 616, and 617, which could be exploited by an unauthorized attacker to discover SRM-related information in the Supplier Master Data Replication function of a business partner.