Description
Exploiting weak/predictable user credentials is one of the most common and successful attack scenarios used against SAP systems. During the installation, SAP systems create the standard users SAP*, DDIC and EARLYWATCH. Acunetix WVS tried the default passwords for these standard users (and other commonly used SAP users) and managed to guess a set of credentials that were accepted by the SAP system.
Remediation
To protect standard SAP users from unauthorized use:
- Define a new superuser and deactivate SAP*.
- Change all of the default passwords for these users.
References
Related Vulnerabilities
XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-34466)
TYPO3 Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3628)
Apache Tomcat examples directory vulnerabilities
WordPress Plugin WebP Express Arbitrary File Disclosure (0.14.10)