← CVECheck
HomeVulnerabilities

CVE-2003-1035 — HIGH severity vulnerability (The default installation of SAP R/3 46C/D allows remote atta)

The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does.

CVE IDCVE-2003-1035
SeverityHIGH
CVSS score7.5
CVSS vectorAV:N/AC:L/Au:N/C:P/I:P/A:P
CWENVD-CWE-Other
StatusModified
Published2004-04-15
Last modified2026-04-16
DescriptionThe default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →