2 matches found
CVE-2016-6139
SAP TREX 7.10 Revision 63 is affected by a vulnerability that allows remote attackers to read arbitrary files via unspecified vectors. The issue is described in CVE-2016-6139 (aka SAP Security Note 2203591). The CVSS data indicates high to critical impact, with network access and no authenticatio...
CVE-2016-6140
CVE-2016-6140 affects SAP TREX 7.10 Revision 63. Remote attackers can write arbitrary files via RFC-Gateway vectors, linked to SAP Security Note 2203591. The issue enables file write with network access and no authentication required, with high/critical impact on confidentiality, integrity, and a...