Primary

Context

SAP KMC WPC Username Enumeration Vulnerability

Vulnerability

A vulnerability in SAP KMC WPC allows an unauthenticated attacker to remotely retrieve usernames by sending a simple parameter query. This could expose sensitive information, leading to a low impact on the application's confidentiality. The vulnerability does not affect integrity or availability.

Impact

Exploitation of this vulnerability could result in unauthorized username retrieval, potentially allowing for further targeted attacks or information gathering.

Remediation

Users are advised to review and implement the SAP Security Notes related to this vulnerability. These notes contain expert advice on patches and action items to ensure system security. Access SAP Security Notes through the SAP for Me platform.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP KMC WPC Username Enumeration Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating