First published: Tue Feb 16 2016(Updated: )
Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
SAP NetWeaver | =7.40 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.