[ERPSCAN-12-044] SAP NetWeaver SDM – authentication bypass
Application: SAP NetWeaver SDM
Versions Affected: SAP NetWeaver SDM
Vendor URL: http://www.sap.com
Bugs: Auth Bypass
Vendor response: 11.02.2012
Date of Public Advisory: 10.10.2012
Reference: SAP Security Note 1724516
Authors: Alexander Polyakov (ERPScan)
SAP NetWeaver SDM service is vulnerable to Authentication Bypass attack.
An attacker can bypass authorization restrictions of SAP NetWeaver SDM and execute various attacks.