CVE-2017-16678

Summary

Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management Configuration Service, EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50, that allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application.

Affected Software

VendorProductVersion RangeStatus
SAPSAP NetWeaver Knowledge Management Configuration ServiceEPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50affected

Weaknesses

  • Server Side Request Forgery (SSRF)

ADP Enrichment

CVE Program Container

Additional References

References