Remote Code Execution Vulnerability in PwC ACE-ABAP 8.10.304 for SAP Security

CVE-2016-9832 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via (1) SAPGUI or (2) Internet Communication Framework (ICF) over HTTP or HTTPS, as demonstrated by WEBGUI or Report.

Learn more about our Web App Pen Testing.