CVE-2015-8840

Name of the Vulnerable Software and Affected Versions SAP NetWeaver AS Java (affected versions not specified)

Description The issue is related to insufficient access control in the XML Data Archiving Service component of the SAP NetWeaver platform. This can be exploited by a remote attacker to obtain confidential information, elevate privileges, or have other unspecified impacts. The exploitation involves sending requests to specific API endpoints, including "webcontent/cas/cas enter.jsp", "webcontent/cas/cas validate.jsp", and "webcontent/aas/aas store.jsp".

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.