Описание
XML external entity (XXE) vulnerability in XMLValidationComponent in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2093966.
XML external entity (XXE) vulnerability in XMLValidationComponent in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2093966.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-2812
- https://erpscan.io/advisories/erpscan-15-004-sap-netweaver-portal-xmlvalidationcomponent-xxe
- http://packetstormsecurity.com/files/132356/SAP-NetWeaver-Portal-7.31-XXE-Injection.html
- http://seclists.org/fulldisclosure/2015/Jun/62
- http://www.securityfocus.com/archive/1/535826/100/800/threaded
EPSS
Процентиль: 68%
0.0057
Низкий
CVE ID
Связанные уязвимости
nvd
почти 11 лет назад
XML external entity (XXE) vulnerability in XMLValidationComponent in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2093966.
EPSS
Процентиль: 68%
0.0057
Низкий