The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768.
packetstormsecurity.com/files/132359/SAP-Management-Console-Information-Disclosure.html
seclists.org/fulldisclosure/2015/Jun/65
www.securityfocus.com/archive/1/535829/100/800/threaded
www.securityfocus.com/bid/73705
erpscan.io/advisories/erpscan-15-007-sap-management-console-readprofile-parameters-information-disclosure/