High severity7.2NVD Advisory· Published Dec 12, 2017· Updated Jun 17, 2026
CVE-2017-16682
CVE-2017-16682
Description
SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
8cpe:2.3:a:sap:business_application_software_integrated_solution:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:sap:business_application_software_integrated_solution:*:*:*:*:*:*:*:*range: >=7.00,<=7.02
- cpe:2.3:a:sap:business_application_software_integrated_solution:7.30:*:*:*:*:*:*:*
- cpe:2.3:a:sap:business_application_software_integrated_solution:7.31:*:*:*:*:*:*:*
- cpe:2.3:a:sap:business_application_software_integrated_solution:7.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_internet_transaction_server:-:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:sap:netweaver_internet_transaction_server:-:*:*:*:*:*:*:*
- (no CPE)
- (no CPE)range: from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/102143nvdThird Party AdvisoryVDB Entry
- blogs.sap.com/2017/12/12/sap-security-patch-day-december-2017/nvdVendor Advisory
- launchpad.support.sap.comnvdPermissions Required
News mentions
0No linked articles in our index yet.