CVE-2016-6138

CWE-22 — Path Traversal3 documents3 sources

Severity

9.8CRITICAL

EPSS

15.7%

top 5.29%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP Trex

Timeline

PublishedAug 5

Latest updateMay 17

Description

Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages1 packages

▶NVDsap/trex7.10

🔴Vulnerability Details

GHSA

GHSA-mw9p-6qwg-m87v: Directory traversal vulnerability in SAP TREX 7↗2022-05-17

▶

CVEList

CVE-2016-6138: Directory traversal vulnerability in SAP TREX 7↗2016-08-05

▶