SAP Knowledge Base Article - Preview

3098167 - Vulnerabilities - Metadata Publishing Enabled for ASMX Web Services - FC

Symptom

  • The web services had metadata publishing enabled for ASMX web services, allowing WSDL metadata to be retrieved by unauthenticated clients.
  • WSDL data may result useful to an attacker in determining the methods exposed by a service and constructing well-formed requests.
  • Can this be considered as Product vulnerability?


Read more...

Environment

SAP Financial Consolidation (FC) 10.1 web client.

Product

SAP Financial Consolidation 10.1

Keywords

web.config , bfc , vulnérabilité , thread ,  , KBA , EPM-BFC-TCL , Technical Components , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP ONE Support launchpad (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.