CVE-2016-2388

SAP NetWeaver Information Disclosure Vulnerability

Description

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.

Severity: MEDIUM

CVSS Score: 5.3

Vendor: SAP

Product: NetWeaver