logo

CVE-2016-2386 - SAP NetWeaver SQL Injection Vulnerability

CVE-2016-2386

SAP | NetWeaver

  • Date Added:
  • 2022-06-09
  • Due Date:
  • 2022-06-30
Vulnerability Name

SAP NetWeaver SQL Injection Vulnerability

Description

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2016-2386

Free security scan for your website