SQL Injection Vulnerability in SAP NetWeaver J2EE Engine 7.40 UDDI Server

SQL Injection Vulnerability in SAP NetWeaver J2EE Engine 7.40 UDDI Server

CVE-2016-2386 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.

Learn more about our Cis Benchmark Audit For Server Software.