SAP NetWeaver Enterprise Portal OBN Authentication Bypass Vulnerability Allowing Integrity Manipulation

An authentication bypass vulnerability has been identified in SAP NetWeaver Enterprise Portal OBN. The issue arises because the portal does not properly validate authentication for a specific configuration setting. As a result, a non-authenticated user can manipulate this setting, leading to a low impact on data integrity. The vulnerability does not affect the application's confidentiality or availability.

Impact

Exploitation of this vulnerability allows for unauthorized users to alter specific configuration settings, potentially leading to integrity issues within the application.

Remediation

Users are advised to review and implement the SAP Security Note associated with this vulnerability. This can be done through the SAP for Me platform, specifically in the Security Notes section. For detailed guidance on accessing and applying SAP Security Notes, refer to the SAP Security Notes FAQs.