An attacker with non-administrative authorizations in SAP NetWeaver (BI CONT ADD ON) - versions 707, 737, 747, 757, can exploit a directory traversal flaw to over-write system files. Data from confidential files cannot be read but potentially some OS files can be over-written leading to system compromise.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
sap netweaver bi content 737 |
||
sap netweaver bi content 747 |
||
sap netweaver bi content 757 |
||
sap netweaver bi content 707 |