Description
SAP KMC WPC allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query which could expose sensitive information causing low impact on confidentiality of the application. This has no effect on integrity and availability.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2025-10105 | SAP KMC WPC allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query which could expose sensitive information causing low impact on confidentiality of the application. This has no effect on integrity and availability. |
References
History
Tue, 08 Apr 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Tue, 08 Apr 2025 07:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | SAP KMC WPC allows an unauthenticated attacker to remotely retrieve usernames by a simple parameter query which could expose sensitive information causing low impact on confidentiality of the application. This has no effect on integrity and availability. | |
| Title | Information Disclosure vulnerability in SAP KMC WPC | |
| Weaknesses | CWE-862 | |
| References |
| |
| Metrics |
cvssV3_1
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: sap
Published:
Updated: 2025-04-08T14:50:40.019Z
Reserved: 2025-02-12T21:05:31.735Z
Link: CVE-2025-26657
Updated: 2025-04-08T13:21:40.840Z
Status : Deferred
Published: 2025-04-08T08:15:16.077
Modified: 2026-06-17T09:02:13.120
Link: CVE-2025-26657
No data.
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-862
Missing Authorization
EUVD