CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

Yangiliklar CVE Tracker Exploitlar Hujumlar Xarita

CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

O'zbek tilidagi kiberxavfsizlik portali. Yangiliklar, CVE tracker, hujumlar bazasi.

Yangiliklar

Barcha yangiliklar
Hujumlar
Zayifliklar
O'zbekiston
Jahon

Asboblar

CVE Tracker
Exploit DB
Hujumlar bazasi
Threat xarita

Loyiha

Biz haqimizda

© 2026 CyberNewsUz. Barcha huquqlar himoyalangan.

CVE Tracker ga qaytish

CVE-2016-2386

Kritik(9.8)

SAP NetWeaver J2EE Engine 7.40 da UDDI serveridagi SQL in'ektsiya zaifligi masofaviy tajovuzkorlarga noma'lum vektorlar, ya'ni SAP Security Note 2101079 orqali o'zboshimchalik bilan SQL buyruqlarini bajarishga imkon beradi.

Vendor

Sap

Product

Netweaver Application Server Java

CVSS Score

9.8

Nashr sanasi

16-fev, 2016

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Manbalar

http://packetstormsecurity.com/files/137129/SAP-NetWeaver-AS-JAVA-7.5-SQL-Injection.html
http://seclists.org/fulldisclosure/2016/May/56
https://erpscan.io/advisories/erpscan-16-011-sap-netweaver-7-4-sql-injection-vulnerability/
https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/
https://github.com/vah13/SAP_exploit

Yangi kritik zaifliklar

CyberNewsUz — CVE-2016-2386