SAP FI Manager Self-Service has a hard-coded user name, which makes it easier for remote attackers to obtain access via unspecified vectors.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-5176
Reference (s):
- BID:68951
- URL: http://www.securityfocus.com/bid/68951
- BUGTRAQ:20140729 [Onapsis Security Advisory 2014-024] Hard-coded Username in SAP FI Manager Self-Service
- URL: http://www.securityfocus.com/archive/1/532945/100/0/threaded
- http://scn.sap.com/docs/DOC-8218