CVE-2016-2386 - SAP NetWeaver SQL Injection Vulnerability
Project:SAP
Product:NetWeaver
Date Added:2022-06-09Due Date:2022-06-30
Vulnerability Name
SAP NetWeaver SQL Injection Vulnerability
Description
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2016-2386