/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
It is possible to perform a RCE attack with a malicious Content-Type value. If the Content-Type value is not valid an exception is thrown which is then used to display an error message to a user.
Read more...
Environment
SAP NetWeaver Application Server Java
Product
SAP NetWeaver all versions
Keywords
Apache Jakarta multipart parser RCE Remote Code Execution vulnerability struts S2-045 CVE-2017-5638 , KBA , BC-JAS-WEB , Web Container, HTTP, JavaMail, Servlets , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.
/support/notes/service/facebook.svg)
/support/notes/service/twitter.svg)
/support/notes/service/youtube.svg)
/support/notes/service/linkedin.svg)
/support/notes/service/instagram2.svg)