PT-2004-1213 · Sap · Sap R/3

Published 2004-03-16 · Updated 2018-10-19 · CVE-2003-1035

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

SAP R/3 version 46C/D

Description

Remote attackers can bypass account locking by using the RFC API for brute-force password guessing attacks. Unlike the SAPGUI, the RFC API does not lock out the account.

Recommendations

For SAP R/3 version 46C/D, consider restricting access to the RFC API to minimize the risk of exploitation. As a temporary workaround, implement additional account lockout measures outside of the SAPGUI to prevent brute-force attacks.


Related Identifiers

CVE-2003-1035

Affected Products

Sap R/3