SAP Cyber Threat Report 2016 revealed that a lot of SAP services are exposed to the internet. Most of them shouldn't be available online. In this blog post, we want to focus on a specific one, SAP Dispatcher. It is the back-end service that handles SAP GUI connections. According to the official SAP documentations, this architecture looks like that: If we connect under a regular user via SAP GUI to our test server, we will be greeted with a screen like this: We can see that the server gives us some interesting information even without logging in and without knowing […]
The post SAP Dispatcher Security appeared first on ERPScan.
from SAP Dispatcher Security
No comments:
Post a Comment