CVE-2015-6662

Published: Aug 24, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://packetstormsecurity.com/files/134507/SAP-NetWeaver-7.4-XXE-Injection.html

x_refsource_MISC

https://erpscan.io/advisories/erpscan-15-018-sap-netweaver-7-4-xxe/

x_refsource_MISC

20151124 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE

mailing-list

x_refsource_FULLDISC

20151123 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE

mailing-list

x_refsource_BUGTRAQ

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-6662

Description

Affected Products

References