Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote malicious users to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Security Note 2230978.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap netweaver 7.40 |