Skip to navigation Skip to main content Skip to footer

Multiple security vulnerabilities in SAP NetWeaver BSP Logon

03 August 2016

By NCC Group Publication Archive

Research Cyber Security Technical advisories

Vulnerability Summary

Title                               Multiple security vulnerabilities in SAP NetWeaver BSP Logon 
Release Date               8 March 2016 
Reference                    NCC00837 
Discoverer                   Soroush Dalili 
Vendor                         SAP 
Vendor References    2198151,2195595 
Systems Affected       Tested on SAP NetWeaver 7.42 and SAP Solution Manager 7.1 
(other versions are probably vulnerable) 
CVE Reference           CVE-2015-8774 
Risk                               High 
Status                           Approved

Download technical advisory

NCC Group Publication Archive

NCC Group Publication Archive