Application: SAP NetWeaver AS JAVA
Versions Affected: SAP NetWeaver AS JAVA 7.42
Vendor URL: SAP
Bugs: Information Disclosure
Vendor response: 13.07.2016
Date of Public Advisory: 13.09.2016
Reference: SAP Security Note 2344524
Author: Roman Bezhan (ERPScan)
Webdynpro component allows attacker to gain users information defined in the system.
An attacker can use Information disclosure vulnerability to reveal additional information (system data, debugging information, etc), which will help them learn about a system to plan further attacks.