SAP Business Intelligence CVE-2016-6818 SQL Injection Vulnerability

SAP Business Intelligence is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

An attacker can exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Information

Bugtraq ID: 97661
Class: Input Validation Error
CVE: CVE-2016-6818

Remote: Yes
Local: No
Published: Jan 10 2017 12:00AM
Updated: Jan 10 2017 12:00AM
Credit: ERPScan
Vulnerable: SAP Business Intelligence 0

Not Vulnerable:

Exploit

An attacker can exploit this issue using a browser.

References:

SAP Cyber Threat Intelligence report â?? January 2017 (ERPScan)
SAP Homepage (SAP)

Source: www.securityfocus.com

Exploit Collector

Search Exploit