CVE-2016-2388βSAP NetWeaver Information Disclosure Vulnerability
PUBLISHEDvulnerability record
2022-06-09 Β· last modified June 21, 2025
Metadata
Vulnerability Name
SAP NetWeaver Information Disclosure Vulnerability
Description
The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.
Known To Be Used in Ransomware Campaigns?
Action
Apply updates per vendor instructions.