SAP
Enabling a discrepancy factor by enabling user enumeration
Account enumeration For a long time, SAP thought that a user Id should contain a number (and still does). The D, I, C or S-Users are based on a number, and so are the P-Users everyone was able to get by registering at SCN. Enabling attackers to guess a valid Read more…