Reply to post:

SAP fixes gaping authentication bypass flaw after 3 YEARS

Wedgie

A fair bit of hyperbole here. The authentication bug was for an information service & the info that can be gained isn't particularly useful, certainly not a critical prior and not classified by SAP as such.

With regard to giving code to customers - in general it is (with a few exceptions). While it's not open source, it is available to anyone with an SAP system - a lot of customers & partners.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021