Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-3974

CWE-611XML External Entity (XXE)4 documents4 sources
Severity
9.1CRITICAL
EPSS
13.9%
top 5.70%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
SAP Netweaver Application Server Java
Timeline
PublishedApr 7
Latest updateMay 13

Description

XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~webservice~web/ServerNodesWSService, aka SAP Security Note 2235994.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:HExploitability: 3.9 | Impact: 5.2

Affected Packages1 packages

NVDsap/netweaver_application7.107.50

🔴Vulnerability Details

2
GHSA
GHSA-m275-mcpg-x26f: XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 72022-05-13
CVEList
CVE-2016-3974: XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 72016-04-07

💥Exploits & PoCs

1
Exploit-DB
SAP NetWeaver AS JAVA 7.1 < 7.5 - 'ctcprotocol Servlet' XML External Entity2016-06-21
CVE-2016-3974 (CRITICAL CVSS 9.1) | XML external entity (XXE) vulnerabi | cvebase.io