Описание
XML external entity (XXE) vulnerability in ReportXmlViewer in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2111939.
XML external entity (XXE) vulnerability in ReportXmlViewer in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2111939.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2015-2811
- https://erpscan.io/advisories/erpscan-15-006-sap-netweaver-portal-reportxmlviewer-xxe
- http://packetstormsecurity.com/files/132358/SAP-NetWeaver-Portal-7.31-XXE-Injection.html
- http://seclists.org/fulldisclosure/2015/Jun/64
- http://www.securityfocus.com/archive/1/535827/100/800/threaded
- http://www.securityfocus.com/bid/73691
EPSS
Процентиль: 71%
0.00657
Низкий
CVE ID
Связанные уязвимости
nvd
почти 11 лет назад
XML external entity (XXE) vulnerability in ReportXmlViewer in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2111939.
EPSS
Процентиль: 71%
0.00657
Низкий