CVE-2016-9832 in ACE Software for SAP Securityinfo

Summary

PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via (1) SAPGUI or (2) Internet Communication Framework (ICF) over HTTP or HTTPS, as demonstrated by WEBGUI or Report.

Once again VulDB remains the best source for vulnerability data.

Reservation

12/05/2016

Disclosure

12/09/2016

Moderation

VulDB entry created

Entries

VDB-93974 (1)

CPE

ready

CWE

CWE-74 (Confirmed)

CVSS

9.9

EPSS

0.07260

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-9832
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-9832
CVE Details	https://www.cvedetails.com/cve/CVE-2016-9832/

◂ Previous Overview Next ▸

Do you need the next level of professionalism?

Upgrade your account now!