Symptom
- The web services had metadata publishing enabled for ASMX web services, allowing WSDL metadata to be retrieved by unauthenticated clients.
- WSDL data may result useful to an attacker in determining the methods exposed by a service and constructing well-formed requests.
- Can this be considered as Product vulnerability?
Read more...
Environment
SAP Financial Consolidation (FC) 10.1 web client.
Product
SAP Financial Consolidation 10.1
Keywords
web.config , bfc , vulnérabilité , thread , , KBA , EPM-BFC-TCL , Technical Components , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.