Default User Credentials in SAP R/3 Allow Unauthorized Access
CVE-2002-1577

Currently unrated

Key Information:

Vendor: SAP
Status: SAP R 3
Vendor: CVE Published:; 15 April 2004

What is CVE-2002-1577?

SAP R/3 versions 2.0B to 4.6D contain a critical issue where multiple clients are installed with default usernames and passwords. This vulnerability can be exploited by remote attackers to gain unauthorized access and escalate privileges through accounts such as SAP*, SAPCPIC, DDIC, EARLYWATCH, and TMSADM. Organizations using these versions are advised to change default credentials immediately to mitigate potential risks.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/9964

vdb-entryx_refsource_XF

http://marc.info/?l=bugtraq&m=103038238228119&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
Apr 15, 2004
Vulnerability Reserved
Mar 15, 2004