SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/102143 | Third Party Advisory VDB Entry |
https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/ | Vendor Advisory |
https://launchpad.support.sap.com/#/notes/2526781 | Permissions Required |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2017-12-12T00:00:00
Updated: 2017-12-13T10:57:01
Reserved: 2017-11-09T00:00:00
Link: CVE-2017-16682
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-12-12T14:29:00.403
Modified: 2017-12-22T14:34:21.977
Link: CVE-2017-16682
JSON object: View
Redhat Information
No data.
CWE