6.6 Medium
AI Score
Confidence
High
0.004 Low
EPSS
Percentile
72.0%
SAP Netweaver Java Application Server does not properly restrict access, which allows remote attackers to obtain the list of SAP systems registered on an SLD via an unspecified webdynpro, related to SystemSelection.
scn.sap.com/docs/DOC-8218
seclists.org/fulldisclosure/2014/Apr/301
www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-008
www.securityfocus.com/bid/67104
service.sap.com/sap/support/notes/1922547