31 matches found
EUVD-2018-14343
Malware in sbrugna...
EUVD-2018-14344
Malware in sbrugna...
EUVD-2018-14346
Malware in sbrugna...
EUVD-2018-14345
Malware in sbrugna...
The vulnerability of the SAP Fiori Client’s mobile execution environment, related to deficiencies in access control, allows a perpetrator to bypass the authentication system.
The vulnerability of the SAP Fiori Client mobile environment is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to bypass the system’s authentication process remotely...
The vulnerability of the SAP Fiori Client mobile environment, related to deficiencies in access control, allows a malicious actor to gain unauthorized access to protected information and execute arbitrary JavaScript code.
The vulnerability of the SAP Fiori Client mobile environment is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information and execute arbitrary JavaScript code...
The vulnerability of the SAP Fiori Client’s mobile execution environment, related to deficiencies in access control, allows a perpetrator to disclose protected information.
The vulnerability of the SAP Fiori Client mobile environment is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose sensitive information...
SAP Fiori Client Code Execution Vulnerability (CNVD-2019-04899)
SAP Fiori Client is a client program from SAP Germany for running the SAP Fiori Launchpad on mobile devices. A code execution vulnerability exists in SAP Fiori Client, which can be exploited by an attacker with the help of a malicious application to execute JavaScript code in the SAP Fiori...
SAP Fiori Client Information Disclosure Vulnerability
SAP Fiori Client is a client program from SAP Germany for running the SAP Fiori Launchpad on mobile devices. A security vulnerability exists in SAP Fiori Client that stems from the program's failure to protect permissions on incoming broadcast messages. An attacker could exploit the vulnerability...
SAP Fiori Client Code Execution Vulnerability
SAP Fiori Client is a client program from SAP Germany for running the SAP Fiori Launchpad on mobile devices. A code execution vulnerability exists in SAP Fiori Client that can be exploited by an attacker to execute malicious JavaScript code in an embedded log reader...
SAP Fiori Client Denial of Service Vulnerability
SAP Fiori Client is a client program from SAP Germany for running the SAP Fiori Launchpad on mobile devices. A denial of service vulnerability exists in SAP Fiori Client, which can be exploited by an attacker with a malicious application to send local push notifications with null messages to Fior...
SAP Fiori Client Design Vulnerability
SAP Fiori Client is a client program from SAP Germany for running the SAP Fiori Launchpad on mobile devices. A security vulnerability exists in SAP Fiori Client. An attacker can exploit the vulnerability to remove the SSO configuration with the help of an arbitrary Android application...
CVE-2018-2491
When opening a deep link URL in SAP Fiori Client with log level set to "Debug", the client application logs the URL to the log file. If this URL contains malicious JavaScript code it can eventually run inside the built-in log viewer of the application in case user opens the viewer and taps on the...
Design/Logic Flaw
When opening a deep link URL in SAP Fiori Client with log level set to "Debug", the client application logs the URL to the log file. If this URL contains malicious JavaScript code it can eventually run inside the built-in log viewer of the application in case user opens the viewer and taps on the...
Information disclosure
Locally, without any permission, an arbitrary android application could delete the SSO configuration of SAP Fiori Client. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version...
CVE-2018-2489
Locally, without any permission, an arbitrary android application could delete the SSO configuration of SAP Fiori Client. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version...
Information disclosure
The broadcast messages received by SAP Fiori Client are not protected by permissions. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version...
CVE-2018-2488
It is possible for a malware application installed on an Android device to send local push notifications with an empty message to SAP Fiori Client and cause the application to crash. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version...
CVE-2018-2485
It is possible for a malicious application or malware to execute JavaScript in a SAP Fiori application. This can include reading and writing of information and calling device specific JavaScript APIs in the application. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues a...
CVE-2018-2490
The broadcast messages received by SAP Fiori Client are not protected by permissions. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version...