SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: sap
Published: 2018-03-14T19:00:00
Updated: 2024-08-05T04:14:39.566Z
Reserved: 2017-12-15T00:00:00
Link: CVE-2018-2366
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-03-14T19:29:00.203
Modified: 2024-11-21T04:03:41.310
Link: CVE-2018-2366
Redhat
No data.