

Remotely Exploitable flaws affect SAP solutions - paganinip
http://securityaffairs.co/wordpress/36816/hacking/remotely-exploitable-flaws-affect-sap-solutions.html

======
pferde
From the CoreLabs advisory: "As most of the services affected by these issues
are not encrypted by default, an attacker might be able to perform a man-in-
the-middle attack and trigger the vulnerabilities by injecting malicious
packets within the communication."

I wonder if this can be a wakeup call for SAP to change this, and start
encrypting everything. Knowing SAP, though, probably not.

