Posted by ERPScan inc on Jun 18

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.1 – 7.5

Vendor URL: http://SAP.com

Bug: Directory traversal

Sent: 29.09.2015

Reported: 29.09.2015

Vendor response: 30.09.2015

Date of Public Advisory: 08.03.2016

Reference: SAP Security Note 2234971

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: [ERPSCAN-16-012] SAP NetWeaver AS Java directory traversal vulnerability…