SAP® and Oracle® Security Advisories

Onapsis Research Labs is the world’s leading team of security experts who combine their deep knowledge of critical ERP applications and decades of threat research experience to deliver impactful security insights and threat intelligence focused on the business-critical applications from SAP, Oracle, and SaaS providers. Onapsis Research Labs is, far and away, the most prolific and most celebrated contributor of vulnerability research by the SAP Product Security Response Team. No other research team comes close.

06/14/2021

Hard-coded Credentials in CA Introscope Enterprise Manager

Impact On Business: Unauthenticated attackers can bypass the authentication if the default passwords for Admin and Guest users have not been changed by the administrator. This may impact the confidentiality of the service.

Affected Components Description: CA Introscope Enterprise Manager is part of CA APM Introscope®, an application performance management solution to manage Java Application…

06/14/2021

OS Command Injection Vulnerability in SAP Wily Introscope Enterprise

Impact On Business: The vulnerability can allow an attacker to inject OS commands and thus gain complete control of the host running the CA Introscope Enterprise Manager. The exploit can be launched remotely and does not require authentication or any privileges.

Affected Components Description: CA Introscope Enterprise Manager is part of CA APM Introscope®, an…