CVE-2016-2386

SAP NetWeaver SQL Injection Vulnerability

Description

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Severity: CRITICAL

CVSS Score: 9.8

Vendor: SAP

Product: NetWeaver