CVE-2016-2389
16.02.2016, 15:59
Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978.
Path Traversal
Vendor | Product | Version |
---|---|---|
sap | netweaver | 7.40 |
𝑥
= Vulnerable software versions
References