Authentication Flaw in SAP POS Xpress Server
CVE-2017-15295
9.8CRITICAL
What is CVE-2017-15295?
The Xpress Server component of SAP POS is susceptible to a significant authentication bypass vulnerability, allowing unauthorized users to read, write, and delete files without requiring any form of authentication. This flaw poses a serious risk, as it can lead to exposure of sensitive data and potential manipulation of the system. SAP has issued Security Note 2520064 to address this issue, emphasizing the importance of applying necessary patches to mitigate associated risks.