ID
VAR-201612-0676
TITLE
SAP NetWeaver Directory Creation Security Bypass Vulnerability
Trust: 0.3
sources:
BID: 94890
DESCRIPTION
SAP NetWeaver is prone to a security-bypass vulnerability. Remote attackers can exploit this issue to bypass certain security restrictions and gain unauthorized access to the SAP server filesystem.
Trust: 0.3
sources:
BID: 94890
AFFECTED PRODUCTS
| vendor: | sap | model: | netweaver | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 94890
THREAT TYPE
network
Trust: 0.3
sources:
BID: 94890
TYPE
Configuration Error
Trust: 0.3
sources:
BID: 94890
EXTERNAL IDS
| db: | BID | id: | 94890 | Trust: 0.3 |
sources:
BID: 94890
REFERENCES
| url: | https://erpscan.com/advisories/erpscan-16-041-sap-netweaver-directory-creation-outside-jvm/ | Trust: 0.3 |
| url: | http://www.sap.com | Trust: 0.3 |
| url: | https://service.sap.com/sap/support/notes/2310790 | Trust: 0.3 |
sources:
BID: 94890
CREDITS
Mathieu Geli (ERPScan)
Trust: 0.3
sources:
BID: 94890
SOURCES
| db: | BID | id: | 94890 |
LAST UPDATE DATE
2022-05-17T01:36:34.253000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 94890 | date: | 2016-12-20T01:09:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 94890 | date: | 2016-12-13T00:00:00 |