The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP NetWeaver allows remote attackers to obtain sensitive information via a crafted request, related to SAP Solution Manager 7.1.
https://service.sap.com/sap/support/notes/1894049
http://www.securitytracker.com/id/1030157
http://www.securityfocus.com/bid/67147
http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2014-005