Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978.
Max CVSS
7.8
EPSS Score
24.15%
Published
2016-02-16
Updated
2018-12-10
1 vulnerabilities found