Question 1

What is CVE-2016-2388 — SAP NetWeaver Information Disclosure Vulnerability?

Accepted Answer

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request.

Question 2

What is the authoritative source for CVE-2016-2388?

Accepted Answer

SAP NetWeaver Information Disclosure Vulnerability (CVE-2016-2388) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVE-2016-2388SAP NetWeaver Information Disclosure Vulnerability

Description

Scoring

CISA KEV entry

(incoming)1

Related by meaning· 6