Описание
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2016-6138
- https://layersevensecurity.com/wp-content/uploads/2015/11/Layer-Seven-Security_SAP-Security-Notes_October-2015.pdf
- https://www.onapsis.com/blog/analyzing-sap-security-notes-october-2015
- https://www.onapsis.com/research/security-advisories/sap-trex-remote-directory-traversal
- http://packetstormsecurity.com/files/138437/SAP-TREX-7.10-Revision-63-Directory-Traversal.html
- http://scn.sap.com/community/security/blog/2015/10/14/sap-security-notes-october-2015--review
- http://seclists.org/fulldisclosure/2016/Aug/114
- http://seclists.org/fulldisclosure/2016/Aug/86
- http://www.securityfocus.com/bid/92060
Связанные уязвимости
CVSS3: 9.8
nvd
больше 9 лет назад
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.