cvedb.io
CVE-2017-7717
HIGH · CVSS 8.8
EPSS exploitation probability: 0%
Published 2017-04-14T18:59:01.110 · Last modified 2026-06-17T01:25:01.780

Summary

SQL injection vulnerability in the getUserUddiElements method in the ES UDDI component in SAP NetWeaver AS Java 7.4 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2356504.

Affected products

sap — netweaver_application_server_java

Does this affect you?

Add your gear to cvedb and we'll alert you only when sap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.