CVE-2014-3131 Information

Description

SAP Profile Maintenance does not properly restrict access which allows remote authenticated users to obtain sensitive information via an unspecified RFC function related to SAP Solution Manager 7.1.

Reference

http://scn.sap.com/docs/DOC-8218 http://seclists.org/fulldisclosure/2014/Apr/300 http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-007 http://www.securityfocus.com/bid/67103 https://service.sap.com/sap/support/notes/1917381