Information Disclosure in SAP Mobile Platform ClientHub
CVE-2015-7731

5.5MEDIUM

Key Information:

Vendor: SAP
Status: Mobile Platform
Vendor: CVE Published:; 9 August 2021

Summary

The SAP Mobile Platform 3.0 SP05 ClientHub presents a vulnerability that enables attackers to access keystreams and other sensitive user information through the DataVault. This could potentially lead to unauthorized access and exploitation of confidential data, putting user privacy and security at significant risk. Organizations utilizing this platform should prioritize implementing security measures to mitigate potential threats derived from this exposure.

References

https://www.onapsis.com/research/security-advisories/SAP-...

x_refsource_MISC

https://seclists.org/bugtraq/2015/Aug/39

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 9, 2021
Vulnerability Reserved
Oct 6, 2015