SAP Knowledge Base Article - Preview

3664822 - How to secure the accounts.isAvailableLoginID public endpoint in SAP CDC?

Symptom

  • The endpoint accounts.isAvailableLoginID is unprotected, enabling public connections to access and extract data from the system.
  • This vulnerability can potentially affect any API key making calls to the endpoint and can be reproduced by attempting to call the endpoint from an external source.


Environment

  • SAP Customer Data Cloud
  • Core REST API

Product

SAP Customer Data Cloud all versions

Keywords

CDC, gigya, endpoint security, unauthorized access, api key protection, data extraction prevention, secure endpoints, public method protection, KBA, CEC-PRO-API, Core REST API & Server SDKs (JWT / PHP / Java), Problem

About this page

This is a preview of a SAP Knowledge Base Article. The full version is available on SAP for Me (login required).
