Search criteria
3 vulnerabilities found for brazil by sap
VAR-201406-0215
Vulnerability from variot - Updated: 2025-04-13 23:05SAP Brazil add-on has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors. SAP is the world's leading provider of enterprise management software solutions. SAP's multiple components have hard-coded usernames that allow attackers to exploit vulnerabilities to obtain sensitive information. These components include: SAP Project System SAP Structures SAP Project-Oriented Procurement SAP Brazil Specific Add-On SAP Oil Industry Solution Traders and Schedulers Workbench SAP Upgrade Tools SAP Web Services Tool SAP CCMS Monitoring SAP Transaction Data Pool SAP Capacity Leveling SAP Open Hub Service. Multiple SAP Components are prone to an information-disclosure vulnerability. An attacker can exploit this issue to gain unauthorized access to the affected application
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201406-0215",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "brazil",
"scope": "eq",
"trust": 1.6,
"vendor": "sap",
"version": null
},
{
"model": "brazil",
"scope": null,
"trust": 0.8,
"vendor": "sap",
"version": null
},
{
"model": "sap",
"scope": null,
"trust": 0.6,
"vendor": "sap",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03665"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002809"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-120"
},
{
"db": "NVD",
"id": "CVE-2014-4005"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:sap:brazil",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002809"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Sergio Abraham",
"sources": [
{
"db": "BID",
"id": "67920"
}
],
"trust": 0.3
},
"cve": "CVE-2014-4005",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2014-4005",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 3.9,
"id": "CNVD-2014-03665",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-4005",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-4005",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2014-03665",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201406-120",
"trust": 0.6,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03665"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002809"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-120"
},
{
"db": "NVD",
"id": "CVE-2014-4005"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Brazil add-on has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors. SAP is the world\u0027s leading provider of enterprise management software solutions. SAP\u0027s multiple components have hard-coded usernames that allow attackers to exploit vulnerabilities to obtain sensitive information. These components include: SAP Project System SAP Structures SAP Project-Oriented Procurement SAP Brazil Specific Add-On SAP Oil Industry Solution Traders and Schedulers Workbench SAP Upgrade Tools SAP Web Services Tool SAP CCMS Monitoring SAP Transaction Data Pool SAP Capacity Leveling SAP Open Hub Service. Multiple SAP Components are prone to an information-disclosure vulnerability. \nAn attacker can exploit this issue to gain unauthorized access to the affected application",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-4005"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002809"
},
{
"db": "CNVD",
"id": "CNVD-2014-03665"
},
{
"db": "BID",
"id": "67920"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-4005",
"trust": 2.7
},
{
"db": "BID",
"id": "67920",
"trust": 1.9
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002809",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-03665",
"trust": 0.6
},
{
"db": "FULLDISC",
"id": "20140606 [ONAPSIS SECURITY ADVISORIES] MULTIPLE HARD-CODED USERNAMES IN SAP COMPONENTS",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201406-120",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03665"
},
{
"db": "BID",
"id": "67920"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002809"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-120"
},
{
"db": "NVD",
"id": "CVE-2014-4005"
}
]
},
"id": "VAR-201406-0215",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03665"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"ICS"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03665"
}
]
},
"last_update_date": "2025-04-13T23:05:00.116000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "SAP Security Note 1768049",
"trust": 0.8,
"url": "http://scn.sap.com/docs/DOC-8218"
},
{
"title": "Patch for information disclosure vulnerabilities in multiple SAP component built-in usernames",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/46415"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03665"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002809"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-255",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002809"
},
{
"db": "NVD",
"id": "CVE-2014-4005"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 3.0,
"url": "http://seclists.org/fulldisclosure/2014/jun/36"
},
{
"trust": 2.4,
"url": "http://www.layersevensecurity.com/docs/layer%20seven%20security_advisory_february%202014.pdf"
},
{
"trust": 1.6,
"url": "https://service.sap.com/sap/support/notes/1768049"
},
{
"trust": 1.6,
"url": "http://scn.sap.com/docs/doc-8218"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/67920"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-4005"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-4005"
},
{
"trust": 0.3,
"url": "http://www.sap.com"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-03665"
},
{
"db": "BID",
"id": "67920"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002809"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-120"
},
{
"db": "NVD",
"id": "CVE-2014-4005"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-03665"
},
{
"db": "BID",
"id": "67920"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-002809"
},
{
"db": "CNNVD",
"id": "CNNVD-201406-120"
},
{
"db": "NVD",
"id": "CVE-2014-4005"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03665"
},
{
"date": "2014-06-06T00:00:00",
"db": "BID",
"id": "67920"
},
{
"date": "2014-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002809"
},
{
"date": "2014-06-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-120"
},
{
"date": "2014-06-09T20:55:09.043000",
"db": "NVD",
"id": "CVE-2014-4005"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-06-17T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-03665"
},
{
"date": "2014-06-11T00:02:00",
"db": "BID",
"id": "67920"
},
{
"date": "2014-06-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-002809"
},
{
"date": "2014-06-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201406-120"
},
{
"date": "2025-04-12T10:46:40.837000",
"db": "NVD",
"id": "CVE-2014-4005"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-120"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "SAP Brazil add-on Vulnerabilities that gain access",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-002809"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "trust management",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201406-120"
}
],
"trust": 0.6
}
}
CVE-2014-4005 (GCVE-0-2014-4005)
Vulnerability from nvd – Published: 2014-06-09 20:00 – Updated: 2024-08-06 11:04
VLAI?
Summary
SAP Brazil add-on has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:04:27.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "67920",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67920"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1768049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.layersevensecurity.com/docs/Layer%20Seven%20Security_Advisory_February%202014.pdf"
},
{
"name": "20140606 [Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jun/36"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SAP Brazil add-on has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-12T13:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "67920",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67920"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1768049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.layersevensecurity.com/docs/Layer%20Seven%20Security_Advisory_February%202014.pdf"
},
{
"name": "20140606 [Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jun/36"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Brazil add-on has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67920",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67920"
},
{
"name": "https://service.sap.com/sap/support/notes/1768049",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1768049"
},
{
"name": "http://www.layersevensecurity.com/docs/Layer%20Seven%20Security_Advisory_February%202014.pdf",
"refsource": "MISC",
"url": "http://www.layersevensecurity.com/docs/Layer%20Seven%20Security_Advisory_February%202014.pdf"
},
{
"name": "20140606 [Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jun/36"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4005",
"datePublished": "2014-06-09T20:00:00.000Z",
"dateReserved": "2014-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:04:27.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-4005 (GCVE-0-2014-4005)
Vulnerability from cvelistv5 – Published: 2014-06-09 20:00 – Updated: 2024-08-06 11:04
VLAI?
Summary
SAP Brazil add-on has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T11:04:27.929Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "67920",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/67920"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://service.sap.com/sap/support/notes/1768049"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.layersevensecurity.com/docs/Layer%20Seven%20Security_Advisory_February%202014.pdf"
},
{
"name": "20140606 [Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Jun/36"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-06-06T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SAP Brazil add-on has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-06-12T13:57:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "67920",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/67920"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://service.sap.com/sap/support/notes/1768049"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.layersevensecurity.com/docs/Layer%20Seven%20Security_Advisory_February%202014.pdf"
},
{
"name": "20140606 [Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Jun/36"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://scn.sap.com/docs/DOC-8218"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-4005",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SAP Brazil add-on has hardcoded credentials, which makes it easier for remote attackers to obtain access via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "67920",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/67920"
},
{
"name": "https://service.sap.com/sap/support/notes/1768049",
"refsource": "CONFIRM",
"url": "https://service.sap.com/sap/support/notes/1768049"
},
{
"name": "http://www.layersevensecurity.com/docs/Layer%20Seven%20Security_Advisory_February%202014.pdf",
"refsource": "MISC",
"url": "http://www.layersevensecurity.com/docs/Layer%20Seven%20Security_Advisory_February%202014.pdf"
},
{
"name": "20140606 [Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Jun/36"
},
{
"name": "http://scn.sap.com/docs/DOC-8218",
"refsource": "CONFIRM",
"url": "http://scn.sap.com/docs/DOC-8218"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-4005",
"datePublished": "2014-06-09T20:00:00.000Z",
"dateReserved": "2014-06-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T11:04:27.929Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}