CVE-2016-2388

high-risk
Published 2016-02-16

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846.

Do I need to act?

!
62.3% chance of exploitation in next 30 days
EPSS score — higher than 38% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
!
2 public exploits available
43495, 39841
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.3/10 Medium
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Sap

References (15)

Exploit http://packetstormsecurity.com/files/137128/SAP-NetWeaver-AS-JAVA-7.5-Informatio...
Exploit http://packetstormsecurity.com/files/145860/SAP-NetWeaver-J2EE-Engine-7.40-SQL-I...
Exploit http://seclists.org/fulldisclosure/2016/May/55
Broken Link https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-discl...
Broken Link https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/
Exploit https://www.exploit-db.com/exploits/39841/
Exploit https://www.exploit-db.com/exploits/43495/
Exploit http://packetstormsecurity.com/files/137128/SAP-NetWeaver-AS-JAVA-7.5-Informatio...
Exploit http://packetstormsecurity.com/files/145860/SAP-NetWeaver-J2EE-Engine-7.40-SQL-I...
Exploit http://seclists.org/fulldisclosure/2016/May/55
Broken Link https://erpscan.io/advisories/erpscan-16-010-sap-netweaver-7-4-information-discl...
Broken Link https://erpscan.io/press-center/blog/sap-security-notes-february-2016-review/
Exploit https://www.exploit-db.com/exploits/39841/
Exploit https://www.exploit-db.com/exploits/43495/
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2016-...
52
/ 100
high-risk
Severity 21/34 · High
Exploitability 26/34 · High
Exposure 5/34 · Minimal