[ERPSCAN-16-011] SAP NetWeaver AS JAVA â€“ SQL injection vulnerability

Posted by ERPScan inc on May 23

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 – 7.5

Bugs: SQL injection

Send: 04.12.2015

Reported: 04.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 09.02.2016

Reference: SAP Security Note 2101079

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP NetWeaver AS JAVA – SQL injection vulnerability

Advisory…

007 Software