SAP NetWeaver Application Server ABAP Remote Function Call Credential Exposure Vulnerability

A vulnerability in SAP NetWeaver Application Server ABAP allows authenticated attackers to send Remote Function Call (RFC) requests to restricted destinations. This could lead to the exposure of credentials for a remote service, which attackers could then use to fully compromise that service. Such a compromise could significantly impact the application's confidentiality, integrity, and availability.

Impact

Exploitation of this vulnerability could lead to a complete compromise of the targeted remote service, with potential severe consequences for the application's confidentiality, integrity, and availability.

Remediation

Users are advised to review and implement the SAP Security Note related to this vulnerability. This can be done through the SAP for Me platform, specifically during the monthly SAP Security Patch Day.