CVE-2015-1312
SAP ERP Dealer Portal - Unauthenticated Information Disclosure and Privilege Escalation
Title source: llmDescription
The Dealer Portal in SAP ERP does not properly restrict access, which allows remote attackers to obtain sensitive information, gain privileges, and possibly have other unspecified impact via unknown vectors, aka SAP Note 2000401. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://erpscan.io/press-center/blog/sap-critical-patch-update-january-2015/
Scores
EPSS
0.0046
EPSS Percentile
64.3%
Details
CWE
CWE-264
Status
published
Products (1)
sap/enterprise_resource_planning
Published
Jan 22, 2015
Tracked Since
Feb 18, 2026