CVE-2014-3131

Published: Apr 30, 2014Modified: May 6, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

SAP Profile Maintenance does not properly restrict access, which allows remote authenticated users to obtain sensitive information via an unspecified RFC function, related to SAP Solution Manager 7.1.

Affected (1)

Products: Sap: Profile Maintenance

Sap

1 product

Profile Maintenance

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Profile Maintenance	All versions

Related CWEs

CWE-264

References (10)

http://scn.sap.com/docs/DOC-8218

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2014/Apr/300

Source: cve@mitre.org

http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-007

Source: cve@mitre.org

http://www.securityfocus.com/bid/67103

Source: cve@mitre.org

https://service.sap.com/sap/support/notes/1917381

Source: cve@mitre.org

http://scn.sap.com/docs/DOC-8218