SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: sap

Published: 2018-03-14T19:00:00

Updated: 2024-08-05T04:14:39.566Z

Reserved: 2017-12-15T00:00:00

Link: CVE-2018-2366

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-03-14T19:29:00.203

Modified: 2019-10-09T23:40:01.700

Link: CVE-2018-2366

cve-icon Redhat

No data.