Primary

Context

SAP Production Operator Dashboards Security Misconfiguration Vulnerability Allowing Unauthenticated Data Access

Vulnerability

A security misconfiguration vulnerability in SAP Production Operator Dashboards (PODs) allows outside users to access customer data through these dashboards. The vulnerability arises because there are no mechanisms to enforce authentication, enabling malicious unauthenticated users to view non-sensitive customer information. However, this issue does not impact data integrity or availability.

Impact

Exploitation of this vulnerability could lead to unauthorized access to non-sensitive customer information via Production Operator Dashboards.

Remediation

Customers are advised to review and implement the latest SAP Security Notes. Instructions for accessing SAP Security Notes can be found on the SAP Security Patch Day website.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SAP Production Operator Dashboards Security Misconfiguration Vulnerability Allowing Unauthenticated Data Access

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating