Exposures › CVE-2016-3976
SAP NetWeaver Application Server Java Platforms contains a directory traversal vulnerability via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet. This allows remote attackers to read files.
SAP NetWeaver Application Server Java Platforms contains a directory traversal vulnerability via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet. This allows remote attackers to read files.
| Product | Provider | Status | Match |
|---|---|---|---|
| SAP NS2 Cloud Intelligent Enterprise | SAP National Security Services Inc. (SAP NS2) | Authorized | vendor-exact · 0.90 |
| SAP NS2 Secure Node with SuccessFactors Suite - DoD | SAP National Security Services Inc. (SAP NS2) | Authorized | vendor-exact · 0.90 |