CyberSec.Space Logo
CVEブラウザに戻る

CVE-2016-3976

Known Exploited (CISA KEV)HIGH
7.5
CVSS Severity Score
EPSS Score25.9950%
EPSS Percentile92.12th
Published2016年4月7日
Last Modified2026年4月21日

Vulnerability Description

Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.

Affected Platforms (CPE)

📦
Sap

Netweaver Application Server Java

>= 7.10 and <= 7.50

References & Advisories

🔗 http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html
🔗 http://seclists.org/fulldisclosure/2016/Jun/40
🔗 https://erpscan.io/advisories/erpscan-16-012/
🔗 https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/
🔗 https://launchpad.support.sap.com/#/notes/2234971
🔗 https://www.exploit-db.com/exploits/39996/
🔗 http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html
🔗 http://seclists.org/fulldisclosure/2016/Jun/40

関連する脆弱性情報

CVE-2010-532610.0

The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, whic...

CVE-2019-03459.8

A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java (Administrator System Overv...

CVE-2021-375359.8

SAP NetWeaver Application Server Java (JMS Connector Service) - versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform nece...

CVE-2019-03898.8

An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5),...