Critical severity9.8NVD Advisory· Published Aug 5, 2016· Updated May 6, 2026

CVE-2016-6138

Description

Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

scn.sap.com/community/security/blog/2015/10/14/sap-security-notes-october-2015--reviewnvdVendor Advisory
www.securityfocus.com/bid/92060nvdThird Party AdvisoryVDB Entry
layersevensecurity.com/wp-content/uploads/2015/11/Layer-Seven-Security_SAP-Security-Notes_October-2015.pdfnvdTechnical Description
www.onapsis.com/research/security-advisories/sap-trex-remote-directory-traversalnvdPermissions Required
packetstormsecurity.com/files/138437/SAP-TREX-7.10-Revision-63-Directory-Traversal.htmlnvd
seclists.org/fulldisclosure/2016/Aug/114nvd
seclists.org/fulldisclosure/2016/Aug/86nvd
www.onapsis.com/blog/analyzing-sap-security-notes-october-2015nvd

News mentions

No linked articles in our index yet.

cvss	0.637
epss	0.013
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000