Critical severity9.9NVD Advisory· Published Dec 10, 2016· Updated Jun 17, 2026
CVE-2016-9832
CVE-2016-9832
Description
PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via (1) SAPGUI or (2) Internet Communication Framework (ICF) over HTTP or HTTPS, as demonstrated by WEBGUI or Report.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:pwc:ace-advanced_business_application_programming:8.10.304:*:*:*:*:*:*:*
- Range: = 8.10.304
Patches
Vulnerability mechanics
References
6- packetstormsecurity.com/files/140062/PwC-ACE-Software-For-SAP-Security-8.10.304-ABAP-Injection.htmlnvdExploitThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2016/Dec/33nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/archive/1/539883/30/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/94733nvdThird Party AdvisoryVDB Entry
- www.esnc.de/security-advisories/vulnerability-in-pwc-ace-for-sap-securitynvdPermissions Required
- www.securityfocus.com/archive/1/539883/100/0/threadednvd
News mentions
0No linked articles in our index yet.