Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
User Enumeration and Sensitive Data Exposure via RFC Function in SAP Financial Service Claims Management
Vulnerability Description
A vulnerability in SAP Financial Service Claims Management RFC function ICL_USER_GET_NAME_AND_ADDRESS allows user enumeration and potential disclosure of personal data through response discrepancies, causing low impact on confidentiality with no impact on integrity or availability.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
响应差异性信息暴露
Vulnerability Title
SAP Financial Service Claims Management 安全漏洞
Vulnerability Description
SAP Financial Service Claims Management是德国思爱普(SAP)公司的一个金融服务网络平台。 SAP Financial Service Claims Management存在安全漏洞,该漏洞源于ICL_USER_GET_NAME_AND_ADDRESS RFC函数存在响应差异,可能导致用户枚举和个人数据泄露。
CVSS Information
N/A
Vulnerability Type
N/A