Back to search
CVE-2017-16678
Published: Dec 12, 2017
Modified: Sep 17, 2024
PUBLISHED
Description
Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management Configuration Service, EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50, that allows an attacker to manipulate the vulnerable application to send crafted requests on behalf of the application.
| Vendor | Product | Versions |
|---|---|---|
SAP | SAP NetWeaver Knowledge Management Configuration Service | affected EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50 |
References
https://launchpad.support.sap.com/#/notes/2457562
x_refsource_CONFIRM
https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
x_refsource_CONFIRM
102149
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now