SAP NetWeaver AS JAVA UMEADMIN Component Directory Traversal Vulnerability

SAP NetWeaver is SAP's integrated technology platform and the technology foundation for all SAP applications since SAP Business Suite. A directory traversal vulnerability exists in the SAP NetWeaver AS JAVA UMEADMIN component, which could allow an attacker to create any directory with the...

SAP NetWeaver directory creation outside of the JVM

Application: SAP NetWeaver Versions Affected: SAP NetWeaver AS JAVA UMEADMIN component Vendor URL: SAP Bugs: Directory traversal Reported: 04.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 13.12.2016 Reference: SAP Security Note 2310790 Author: Mathieu Geli ERPScan VULNERABILITY...