CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

Yangiliklar CVE Tracker Exploitlar Hujumlar Xarita

CN

CyberNewsUz

Threat Intelligence Portal

LOADING0%

O'zbek tilidagi kiberxavfsizlik portali. Yangiliklar, CVE tracker, hujumlar bazasi.

Yangiliklar

Barcha yangiliklar
Hujumlar
Zayifliklar
O'zbekiston
Jahon

Asboblar

CVE Tracker
Exploit DB
Hujumlar bazasi
Threat xarita

Loyiha

Biz haqimizda

© 2026 CyberNewsUz. Barcha huquqlar himoyalangan.

CVE Tracker ga qaytish

CVE-2016-3976

Yuqori(7.5)

SAP NetWeaver AS Java 7.1 dan 7.5 gacha boʻlgan kataloglarni oʻtkazishda zaiflik masofaviy tajovuzkorlarga ixtiyoriy fayllarni fileName parametridagi ..\ (nuqta nuqta teskari chiziq) orqali CrashFileDownloadServlet, aka SAP Security Note 2234971 ga oʻqish imkonini beradi.

Vendor

Sap

Product

Netweaver Application Server Java

CVSS Score

7.5

Nashr sanasi

7-apr, 2016

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Manbalar

http://packetstormsecurity.com/files/137528/SAP-NetWeaver-AS-JAVA-7.5-Directory-Traversal.html
http://seclists.org/fulldisclosure/2016/Jun/40
https://erpscan.io/advisories/erpscan-16-012/
https://erpscan.io/press-center/blog/sap-security-notes-march-2016-review/
https://launchpad.support.sap.com/#/notes/2234971

Yangi kritik zaifliklar

CyberNewsUz — CVE-2016-3976