THREATOPS
THREAT OPSCVEs › CVE-2016-2388

CVE-2016-2388 — SAP NetWeaver Information Disclosure Vulnerability

CISA KEVExploited: confirmedSAP

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.

Vulnerability details