VYPR
Unrated severityNVD Advisory· Published Apr 17, 2014· Updated Jun 17, 2026

CVE-2014-0984

CVE-2014-0984

Description

The passwordCheck function in SAP Router 721 patch 117, 720 patch 411, 710 patch 029, and earlier terminates validation of a Route Permission Table entry password upon encountering the first incorrect character, which allows remote attackers to obtain passwords via a brute-force attack that relies on timing differences in responses to incorrect password guesses, aka a timing side-channel attack.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • SAP/Router4 versions
    cpe:2.3:a:sap:router:710:029:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:sap:router:710:029:*:*:*:*:*:*
    • cpe:2.3:a:sap:router:720:411:*:*:*:*:*:*
    • cpe:2.3:a:sap:router:721:117:*:*:*:*:*:*
    • (no CPE)range: <= 721 patch 117 / 720 patch 411 / 710 patch 029

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.