CVE-2014-1960 | Vulnerability Database | Aqua Security

The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors.

Affected Software

Name	Vendor	Start Version	End Version
Netweaver	Sap	- (including)	- (including)
Netweaver_solution_manager	Sap	7.0 (including)	7.0 (including)
Netweaver_solution_manager	Sap	7.1 (including)	7.1 (including)

References

http://scn.sap.com/docs/DOC-8218
http://secunia.com/advisories/56942
https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/
https://exchange.xforce.ibmcloud.com/vulnerabilities/91093
https://service.sap.com/sap/support/notes/1828885
http://scn.sap.com/docs/DOC-8218
http://secunia.com/advisories/56942
https://erpscan.io/advisories/erpscan-14-004-sap-netweaver-solution-manager-missing-authorization-check-information-disclosure/
https://exchange.xforce.ibmcloud.com/vulnerabilities/91093
https://service.sap.com/sap/support/notes/1828885

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-1960
CWE	https://cwe.mitre.org/data/definitions/264.html