2571270 - Fiori Client 1.9 Vulnerabilties

Following vulnerabilities are detected in Fiori Client 1.9.x:

• Application data can be backed up by attackers
  
• Following Activities are not protected:

1. com.sap.smp.client.httpc.authflows.OTPAuthActivity (An intent-filter exists)
2. com.sap.mp.cordova.plugins.authProxy.AuthProxyOTPAuthActivity (An inent-filter exists)

• Broadcast Receiver (com.sap.mp.cordova.plugins.authProxy.WifiChangeReceiver) is not protected. An intent-filter exists
• Review of permisssion access for the application

SAP Fiori Client 1.9.x

KBA , MOB-FC , SAP Fiori Client Native Mobile Application , Bug Filed