Access Control Flaw in SAP Afaria
CVE-2015-4161

Currently unrated

Key Information:

Vendor: SAP
Status: Afaria
Vendor: CVE Published:; 2 June 2015

Summary

SAP Afaria has a significant access control vulnerability that does not adequately restrict access to certain functionalities. This oversight allows remote attackers to exploit the system, potentially leading to unauthorized information retrieval, privilege escalation, and other unspecified impacts. Users are advised to refer to SAP Security Note 2155690 for further details and mitigations.

References

http://www.securityfocus.com/bid/74800

vdb-entryx_refsource_BID

http://seclists.org/fulldisclosure/2015/May/96

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Jun 2, 2015
Vulnerability Reserved
Jun 2, 2015