ID
VAR-201708-1674
TITLE
SAP NetWeaver Unspecified SQL Injection Vulnerability
Trust: 0.3
sources:
BID: 100163
DESCRIPTION
SAP NetWeaver is prone to an unspecified SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
Trust: 0.3
sources:
BID: 100163
AFFECTED PRODUCTS
| vendor: | sap | model: | netweaver | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 100163
THREAT TYPE
network
Trust: 0.3
sources:
BID: 100163
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 100163
EXTERNAL IDS
| db: | BID | id: | 100163 | Trust: 0.3 |
sources:
BID: 100163
REFERENCES
| url: | https://help.sap.com/nw_platform | Trust: 0.3 |
| url: | https://blogs.sap.com/2017/08/08/sap-security-patch-day-august-2017/ | Trust: 0.3 |
sources:
BID: 100163
CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
BID: 100163
SOURCES
| db: | BID | id: | 100163 |
LAST UPDATE DATE
2022-05-17T02:08:03.848000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 100163 | date: | 2017-08-08T00:00:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 100163 | date: | 2017-08-08T00:00:00 |