CVE-2016-10005 – SAP Solman 7.31 Information Disclosure
https://notcve.org/view.php?id=CVE-2016-10005
Webdynpro in SAP Solman 7.1 through 7.31 allows remote attackers to obtain sensitive information via webdynpro/dispatcher/sap.com/caf~eu~gp~example~timeoff~wd requests, aka SAP Security Note 2344524. Webdynpro en SAP Solman 7.1 hasta la versión 7.31 permite a atacantes remotos obtener información sensible a través de la petición webdynpro/dispatcher/sap.com/caf~eu~gp~example~timeoff~wd, vulnerabilidad también conocida como SAP Security Note 2344524. SAP Solman versions 7.1 through 7.31 suffer from an information disclosure vulnerability. • http://packetstormsecurity.com/files/140232/SAP-Solman-7.31-Information-Disclosure.html http://seclists.org/fulldisclosure/2016/Dec/69 http://www.securityfocus.com/bid/92949 https://erpscan.io/advisories/erpscan-16-035-sap-solman-user-accounts-dislosure • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •