CVE-2016-2388

SAP NetWeaver Information Disclosure Vulnerability

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request. Vendor/Product: SAP NetWeaver. Added to CISA KEV 2022-06-09; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2016-2388