Vulnerabilities > CVE-2014-8312 - Unspecified vulnerability in SAP Netweaver Abap 7.31
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Business Warehouse (BW) in SAP Netweaver AS ABAP 7.31 allows remote authenticated users to obtain sensitive information via a request to the RSDU_CCMS_GET_PROFILE_PARAM RFC function.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-033
- https://service.sap.com/sap/support/notes/1967780
- http://www.securityfocus.com/bid/70292
- http://scn.sap.com/docs/DOC-8218
- http://packetstormsecurity.com/files/128603/SAP-Business-Warehouse-Missing-Authorization-Check.html
- http://seclists.org/fulldisclosure/2014/Oct/38
- http://secunia.com/advisories/61101
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96877
- http://www.securityfocus.com/archive/1/533645/100/0/threaded