A partner account manager can help. Contact us today.

 Subscribe me to your mailing list

[ERPSCAN-12-044] SAP NetWeaver SDM – authentication bypass

Application: SAP NetWeaver SDM
Versions Affected: SAP NetWeaver SDM
Vendor URL:
Bugs: Auth Bypass
Exploits: YES
Reported: 10.02.2012
Vendor response: 11.02.2012
Date of Public Advisory: 10.10.2012
Reference: SAP Security Note 1724516
Authors: Alexander Polyakov (ERPScan)

SAP NetWeaver SDM service is vulnerable to Authentication Bypass attack.

Business Risk
An attacker can bypass authorization restrictions of SAP NetWeaver SDM and execute various attacks.