SQL Injection Vulnerability in SAP NetWeaver J2EE Engine 7.40 UDDI Server
CVE-2016-2386 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
Learn more about our Cis Benchmark Audit For Server Software.