Posted by ERPScan inc on May 17

Application: SAP xMII

Versions Affected: SAP MII 15.0

Vendor URL: http://SAP.com

Bugs: Directory traversal

Sent: 29.07.2015

Reported: 29.07.2015

Vendor response: 30.07.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2230978

Author: Dmitry Chastuhin (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP xMII – directory traversal vulnerability

Advisory ID: [ERPSCAN-16-009]

Risk: high priority

Advisory URL:…