The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768.
http://www.securityfocus.com/bid/73705
http://www.securityfocus.com/archive/1/535829/100/800/threaded
http://seclists.org/fulldisclosure/2015/Jun/65
http://packetstormsecurity.com/files/132359/SAP-Management-Console-Information-Disclosure.html