VulnCheck KEV: CVE-2016-2389

Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence xMII component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. dot dot in the Path parameter to /Catalog, aka SAP Security Note 2230978...

SAP xMII 15 Cross Site Scripting

Application: SAP xMII Versions Affected: SAP xMII 15 Vendor URL: http://SAP.com Bugs: XSS Sent: 04.12.2015 Reported: 05.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 12.04.2016 Reference: SAP Security Note 2201295 Author: Nursultan Abubakirov ERPScan , Vahagn Vardanyan ERPScan...

SAP xMII 15.0 - Directory Traversal

Exploit for php platform in category web applications Application: SAP xMII Versions Affected: SAP MII 15.0 Vendor URL: http://SAP.com Bugs: Directory traversal Sent: 29.07.2015 Reported: 29.07.2015 Vendor response: 30.07.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 22309...

SAP xMII 15.0 - Directory Traversal

Application: SAP xMII Versions Affected: SAP MII 15.0 Vendor URL: http://SAP.com Bugs: Directory traversal Sent: 29.07.2015 Reported: 29.07.2015 Vendor response: 30.07.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2230978 Author: Dmitry Chastuhin ERPScan Description 1...

SAP xMII 15.0 - Directory Traversal

SAP xMII 15.0 - Directory Traversal Application: SAP xMII Versions Affected: SAP MII 15.0 Vendor URL: http://SAP.com Bugs: Directory traversal Sent: 29.07.2015 Reported: 29.07.2015 Vendor response: 30.07.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2230978 Author: Dmitry...

CVE-2016-4016

CVE-2016-4016: SAP Manufacturing Integration Intelligence (MII / xMII) 15 is affected by a reflected cross-site scripting (XSS) vulnerability. An attacker can inject arbitrary script via the title parameter of the NavigationApplication URL (webdynpro/resources/sap.com/xapps~xmii~ui~admin~navigati...

CVE-2016-2389

Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence xMII component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. dot dot in the Path parameter to /Catalog, aka SAP Security Note 2230978...

CVE-2016-2389

Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence xMII component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. dot dot in the Path parameter to /Catalog, aka SAP Security Note 2230978...

Directory traversal

Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence xMII component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. dot dot in the Path parameter to /Catalog, aka SAP Security Note 2230978...

CVE-2016-2389

Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence xMII component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. dot dot in the Path parameter to /Catalog, aka SAP Security Note 2230978...

CVE-2016-2389

SAP xMII 15.0 for SAP NetWeaver 7.4 is affected by CVE-2016-2389 due to a directory traversal in the GetFileList function (Path parameter to /Catalog), enabling read of arbitrary server files (e.g., ../../../../etc/passwd). Affected component is SAP MII 15.0; CVSS v3 base score 7.5 (Network, Low ...

CVE-2015-8330

The PCo agent in SAP Plant Connectivity PCo allows remote attackers to cause a denial of service memory corruption and agent crash via crafted xMII requests, aka SAP Security Note 2238619...

Memory corruption

The PCo agent in SAP Plant Connectivity PCo allows remote attackers to cause a denial of service memory corruption and agent crash via crafted xMII requests, aka SAP Security Note 2238619...

CVE-2015-8330

CVE-2015-8330 affects SAP Plant Connectivity (PCo) agent versions 2.2, 2.3, 15.0 and 15.1. A remote attacker can trigger memory corruption and crash the PCo agent by sending crafted xMII requests, causing denial of service. This is documented by NVD (base score 7.8) and referenced advisories, inc...

SAP xMII - directory traversal vulnerability

Application: SAP xMII Versions Affected: SAP MII 15.0 Vendor URL: SAP Bugs: Directory traversal Reported: 29.07.2015 Vendor response: 30.07.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2230978 Author: Dmitry Chastuhin ERPScan VULNERABILITY INFORMATION Class: CWE-36 Impact...

SAP PCo agent - DoS vulnerability

Application: SAP PCo Vendor: Bugs: DoS Reported: 05.09.2015 Vendor response: 06.09.2015 Date of Public Advisory: 20.11.2015 Reference: SAP Security Note 2238619 Author: Mathieu GELI ERPScan VULNERABILITY INFORMATION Class: Denial of service Impact: Disrupt operational status Remotely Exploitable:...