CVE-2015-5067
SAP NetWeaver - Hardcoded Credentials in Cross-System Tools and Data Transfer Workbench
Title source: llmDescription
The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote attackers to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982.
References (6)
Core 6
Core References
Third Party Advisory x_refsource_misc
https://erpscan.io/advisories/erpscan-15-015-sap-netweaver-hardcoded-credentials/
Third Party Advisory x_refsource_misc
https://erpscan.io/advisories/erpscan-15-016-sap-netweaver-hardcoded-credentials/
Vendor Advisory x_refsource_misc
http://scn.sap.com/community/security/blog/2015/06/11/sap-security-notes-june-2015
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/133516/SAP-NetWeaver-AS-LSCT1I13-ABAP-Hardcoded-Credentials.html
Third Party Advisory, VDB Entry x_refsource_misc
http://packetstormsecurity.com/files/133515/SAP-NetWeaver-AS-FKCDBFTRACE-ABAP-Hardcoded-Credentials.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/75165
Scores
EPSS
0.0158
EPSS Percentile
81.8%
Details
CWE
CWE-255
Status
published
Products (1)
sap/netweaver
Published
Jun 24, 2015
Tracked Since
Feb 18, 2026