CVE-2016-2386

SAP NetWeaver SQL Injection Vulnerability

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vendor/Product: SAP NetWeaver. Added to CISA KEV 2022-06-09; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2016-2386