Following vulnerabilities are detected in Fiori Client 1.9.x:
- Application data can be backed up by attackers
- Following Activities are not protected:
- com.sap.smp.client.httpc.authflows.OTPAuthActivity (An intent-filter exists)
- com.sap.mp.cordova.plugins.authProxy.AuthProxyOTPAuthActivity (An inent-filter exists)
- Broadcast Receiver (com.sap.mp.cordova.plugins.authProxy.WifiChangeReceiver) is not protected. An intent-filter exists
- Review of permisssion access for the application
SAP Fiori Client 1.9.x
KBA , MOB-FC , SAP Fiori Client Native Mobile Application , Bug Filed
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.