[ERPSCAN-15-002] SAP Mobile .healthcare.emr.v2 – Unauthorized access

Application: SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2), SAP Clinical Task Tracker (com.sap.mobile.healthcare.ctt)
Vendor URL: http://www.sap.com
Bugs: Unauthorized access
Reported: 20.04.2013
Vendor response: 21.04.2013
Date of Public Advisory: 15.02.2015
Reference: SAP Security Note 2117079
Authors: Dmitry Evdokimov (ERPScan)

An attacker can change the settings of the application: backendurl, clientid, ssourl, infopageurl.

Business Risk
The server connection settings of the application can be changed after their initial import, so that the user may end up connected to a malicious system. The threat exists only if the user confirms the settings change, but the attacker can display this confirmation window repeatedly until the user clicks OK.
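The weakness described above is a settings-import flow that lets the four connection values be rewritten after provisioning, gated only by a user prompt that can be re-shown indefinitely. The following is an added example (not ERPScan's or SAP's code) of a hypothetical settings store that removes that prompt from the decision: the keys are written once at initial import, every later change must carry an HMAC from the enterprise configuration service (shared key assumed to be provisioned out of band), and every URL must be https and point at an allow-listed host. The allow-listed host and signing key are constructed demo values.

```python
"""Hardened handling of the four server-connection settings named in the advisory.

Added example, not the vendor's code. Assumptions (hypothetical design):
  * backendurl, clientid, ssourl and infopageurl are written once, at provisioning;
  * later changes arrive as a JSON payload plus an HMAC-SHA256 signature produced
    by an enterprise configuration service that shares CONFIG_SIGNING_KEY;
  * URL values must be https and point at an allow-listed host.
No confirmation dialog exists, so re-sending a change cannot wear the user down.
"""
import hashlib
import hmac
import json
from urllib.parse import urlparse

LOCKED_KEYS = ("backendurl", "clientid", "ssourl", "infopageurl")
URL_KEYS = ("backendurl", "ssourl", "infopageurl")

# Constructed demo key; a real deployment provisions this out of band (e.g. via MDM).
CONFIG_SIGNING_KEY = b"constructed-demo-signing-key"


class ConfigRejected(Exception):
    """Raised when a settings change fails a policy check."""


def encode_update(update: dict) -> bytes:
    """Canonical JSON encoding so signer and verifier hash identical bytes."""
    return json.dumps(update, sort_keys=True, separators=(",", ":")).encode()


def sign_update(payload: bytes, key: bytes = CONFIG_SIGNING_KEY) -> str:
    """What the hypothetical configuration service does to authorize a change."""
    return hmac.new(key, payload, hashlib.sha256).hexdigest()


class MobileAppSettings:
    def __init__(self, allowed_hosts):
        self.allowed_hosts = set(allowed_hosts)
        self.values = {}
        self.imported = False
        self.rejected = 0  # rejected change attempts; worth surfacing to MDM / the user

    def _check_url(self, key, value):
        u = urlparse(value)
        if u.scheme != "https":
            raise ConfigRejected(f"{key}: only https URLs are accepted")
        if u.hostname not in self.allowed_hosts:
            raise ConfigRejected(f"{key}: host {u.hostname!r} is not on the allow-list")

    def _check_values(self, update):
        for key in update:
            if key not in LOCKED_KEYS:
                raise ConfigRejected(f"unknown setting {key!r}")
        for key in URL_KEYS:
            if key in update:
                self._check_url(key, update[key])

    def initial_import(self, settings):
        """One-time provisioning; a second call is refused outright."""
        if self.imported:
            raise ConfigRejected("settings already imported; only signed updates are accepted")
        missing = [k for k in LOCKED_KEYS if k not in settings]
        if missing:
            raise ConfigRejected(f"initial import is missing {missing}")
        self._check_values(settings)
        self.values = dict(settings)
        self.imported = True

    def apply_signed_update(self, payload: bytes, signature: str):
        """Apply a post-provisioning change only if it is signed and passes the URL policy."""
        try:
            if not hmac.compare_digest(sign_update(payload), signature):
                raise ConfigRejected("signature check failed; change discarded, user not prompted")
            try:
                update = json.loads(payload)
            except ValueError as exc:
                raise ConfigRejected("malformed payload") from exc
            self._check_values(update)
        except ConfigRejected:
            self.rejected += 1
            raise
        self.values.update(update)


if __name__ == "__main__":
    store = MobileAppSettings(allowed_hosts={"emr.hospital.example"})
    store.initial_import({
        "backendurl": "https://emr.hospital.example/api",
        "clientid": "emr-app",
        "ssourl": "https://emr.hospital.example/sso",
        "infopageurl": "https://emr.hospital.example/info",
    })
    good = encode_update({"backendurl": "https://emr.hospital.example/api/v2"})
    store.apply_signed_update(good, sign_update(good))
    for payload, sig in [
        (encode_update({"backendurl": "https://attacker.example/api"}), None),  # signed, wrong host
        (good, "00" * 32),                                                      # right host, bad signature
    ]:
        try:
            store.apply_signed_update(payload, sig or sign_update(payload))
        except ConfigRejected as err:
            print("rejected:", err)
    print("final settings:", store.values, "rejected attempts:", store.rejected)
```

The point of the design is that the user is never asked to adjudicate a change they cannot evaluate; an unsigned or off-policy change is simply discarded and counted, and the count is a useful signal to forward to device management.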


To prevent this issue as well as a plethora of other vulnerabilities that may affect your systems, ERPScan provides the following services: