CVE-2014-8312

Published: Oct 16, 2014Modified: May 6, 2026

3.5

Vector

AV:N/AC:M/Au:S/C:P/I:N/A:N

Exploitability: 6.8 / Impact: 2.9

Source: NVD

Description

Business Warehouse (BW) in SAP Netweaver AS ABAP 7.31 allows remote authenticated users to obtain sensitive information via a request to the RSDU_CCMS_GET_PROFILE_PARAM RFC function.

Affected (1)

Products: Sap: Netweaver Abap

Sap

1 product

Netweaver Abap

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Netweaver Abap	Version 7.31

References (18)

http://packetstormsecurity.com/files/128603/SAP-Business-Warehouse-Missing-Authorization-Check.html

Source: cve@mitre.org

http://scn.sap.com/docs/DOC-8218

Source: cve@mitre.org

Vendor Advisory

http://seclists.org/fulldisclosure/2014/Oct/38

Source: cve@mitre.org

http://secunia.com/advisories/61101

Source: cve@mitre.org

http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-033

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/533645/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/70292

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/96877

Source: cve@mitre.org

https://service.sap.com/sap/support/notes/1967780

Source: cve@mitre.org

Vendor Advisory

http://packetstormsecurity.com/files/128603/SAP-Business-Warehouse-Missing-Authorization-Check.html