CVE-2014-4159

Currently unrated

Key Information:

Vendor
SAP
Status
Supplier Relationship Management
Vendor
CVE Published:
13 June 2014

Summary

Open redirect vulnerability in in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.

References

https://service.sap.com/sap/support/notes/1946420
x_refsource_CONFIRM
http://blog.emaze.net/2014/05/sap-multiple-vulnerabilitie...
x_refsource_MISC
http://scn.sap.com/docs/DOC-8218
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.