Rule Category

POLICY-OTHER --

Alert Message

POLICY-OTHER SAP NetWeaver JWFTestAddAssignees potential disclosure vulnerable page

Rule Explanation

The JWFTestAddAssignees page is vulnerable to information disclosure if a user clicks "Choose" and then "Search" in SAP NetWeaver AS JAVA 7.1 - 7.5. This is considered a policy violation.

What To Look For

This rule alerts when a user opens the JWFTestAddAssignees web page in SAP NetWeaver AS JAVA.

Known Usage

Public information/Proof of Concept available

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

MITRE ATT&CK Framework

Tactic: Reconnaissance

Technique: Employee Names

For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org

Rule Vulnerability

Information Leak

Information leakage happens when an attacker manipulates a system into revealing sensitive information, either through malformed input or by taking advantage of another feature of the system.