Question 1

What is CVE-2016-2386 — SAP NetWeaver SQL Injection Vulnerability?

Accepted Answer

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

Question 2

What is the authoritative source for CVE-2016-2386?

Accepted Answer

SAP NetWeaver SQL Injection Vulnerability (CVE-2016-2386) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2016-2386SAP NetWeaver SQL Injection Vulnerability

Description

Scoring

CISA KEV entry

(incoming)1

Related by meaning· 6