Vulnerability Details CVE-2017-16685
Cross-Site scripting (XSS) in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 56.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- http://www.securityfocus.com/bid/102148
- https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
- https://launchpad.support.sap.com/#/notes/2537545
- http://www.securityfocus.com/bid/102148
- https://blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/
- https://launchpad.support.sap.com/#/notes/2537545
Products affected by CVE-2017-16685
-
cpe:2.3:a:sap:business_warehouse_universal_data_integration:7.10
-
cpe:2.3:a:sap:business_warehouse_universal_data_integration:7.11
-
cpe:2.3:a:sap:business_warehouse_universal_data_integration:7.20
-
cpe:2.3:a:sap:business_warehouse_universal_data_integration:7.30
-
cpe:2.3:a:sap:business_warehouse_universal_data_integration:7.31
-
cpe:2.3:a:sap:business_warehouse_universal_data_integration:7.40
-
cpe:2.3:a:sap:business_warehouse_universal_data_integration:7.50