Vulnerabilities > Redwood > SAP Business Process Automation > 9.1

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-14	CVE-2018-2366	Path Traversal vulnerability in Redwood SAP Business Process Automation 9.0/9.1 SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs. network low complexity redwood CWE-22	4.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.