CVE-2012-2611

Name of the Vulnerable Software and Affected Versions SAP NetWeaver versions 7.0 EHP1 and 7.0 EHP2

Description The issue allows remote attackers to execute arbitrary code via a crafted SAP Diag packet when a certain Developer Trace configuration is enabled in the DiagTraceR3Info function.

Recommendations For SAP NetWeaver version 7.0 EHP1, consider disabling the Developer Trace configuration to prevent exploitation. For SAP NetWeaver version 7.0 EHP2, consider disabling the Developer Trace configuration to prevent exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.