logo

CVE-2016-2388 - SAP NetWeaver Information Disclosure Vulnerability

CVE-2016-2388

SAP | NetWeaver

  • Date Added:
  • 2022-06-09
  • Due Date:
  • 2022-06-30
Vulnerability Name

SAP NetWeaver Information Disclosure Vulnerability

Description

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2016-2388

Free security scan for your website