Description
The SAP Management Console (SAP MC) provides a common framework for centralized system management. It allows you to monitor and perform basic administration tasks on the SAP system centrally, which simplifies system administration. The SAP Management Console exposes certain methods which allows an unauthenticated user to access sensitive information such as user list from ABAP syslog through the SAP Management Console SOAP Interface.
Remediation
Install SAP security note 1439348.
References
Related Vulnerabilities
MediaWiki remote code execution
Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2011-1015)
WordPress Plugin Video Conferencing with Zoom Information Disclosure (3.8.16)
Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-4042)