Authentication Bypass Vulnerability in SAP Mobile Platform
CVE-2015-8600

Currently unrated

Key Information:

Vendor: SAP
Status: Mobile Platform
Vendor: CVE Published:; 17 December 2015

Summary

The SysAdminWebTool servlets in the SAP Mobile Platform are susceptible to an authentication bypass vulnerability. This flaw allows remote attackers to exploit the system, potentially gaining unauthorized access to sensitive information, increasing their privileges, or executing other malicious actions without proper authentication. Attackers could utilize unknown vectors to leverage this vulnerability, emphasizing the need for timely security updates and implementation of recommended security measures outlined in SAP Security Note 2227855.

References

http://scn.sap.com/community/security/blog/2015/12/09/sap...

x_refsource_MISC

https://erpscan.io/advisories/10761/

x_refsource_MISC

Timeline

Vulnerability published
Dec 17, 2015
Vulnerability Reserved
Dec 17, 2015