CVE-2016-9832
N/A
N/A
Summary
PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via (1) SAPGUI or (2) Internet Communication Framework (ICF) over HTTP or HTTPS, as demonstrated by WEBGUI or Report.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/archive/1/539883/30/0/threaded
- http://www.securityfocus.com/bid/94733
- http://packetstormsecurity.com/files/140062/PwC-ACE-Software-For-SAP-Security-8.10.304-ABAP-Injection.html
- http://seclists.org/fulldisclosure/2016/Dec/33
- https://www.esnc.de/security-advisories/vulnerability-in-pwc-ace-for-sap-security
- http://www.securityfocus.com/archive/1/539883/100/0/threaded
References
- http://www.securityfocus.com/archive/1/539883/30/0/threaded
- http://www.securityfocus.com/bid/94733
- http://packetstormsecurity.com/files/140062/PwC-ACE-Software-For-SAP-Security-8.10.304-ABAP-Injection.html
- http://seclists.org/fulldisclosure/2016/Dec/33
- https://www.esnc.de/security-advisories/vulnerability-in-pwc-ace-for-sap-security
- http://www.securityfocus.com/archive/1/539883/100/0/threaded
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.