Last month Core Security Technologies published a vulnerability related to SAP Routers that could allow an unauthenticated remote attacker to obtain passwords used to protect route entries by a timing side-channel attack. Vulnerable SAP Routers include release 721 patch level 117, release 720 patch level 411, and release 710 patch level 029 while, other releases may be affected too.
Go to the complete security advisory here – http://www.coresecurity.com/advisories/sap-router-password-timing-attack