SAP Web Dispatcher and ICM Internal Testing Interface Exposure Vulnerability

A vulnerability exists in SAP Web Dispatcher and Internet Communication Manager (ICM) that may expose internal testing interfaces not intended for production use. If these interfaces are enabled, unauthenticated attackers could exploit them to access diagnostic information, send crafted requests, or disrupt services. This vulnerability significantly impacts confidentiality and availability, while having a low impact on the application's integrity.

Impact

Exploitation of this vulnerability could lead to unauthorized access to diagnostic information, disruption of services, or interference with normal application operations.

Remediation

Users are advised to consult the SAP Security Notes for guidance on addressing this vulnerability. SAP Security Notes can be accessed through the SAP for Me platform, where users can find the complete list of security updates and patches. It is recommended to implement these corrections as a priority.