← volver
CVE-2015-2812

CVE-2015-2812

EPSS 2.5%
XML external entity (XXE) vulnerability in XMLValidationComponent in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2093966.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://packetstormsecurity.com/files/132356/SAP-NetWeaver-Portal-7.31-XXE-Injection.htmlhttp://seclists.org/fulldisclosure/2015/Jun/62https://erpscan.io/advisories/erpscan-15-004-sap-netweaver-portal-xmlvalidationcomponent-xxe/http://www.securityfocus.com/archive/1/535826/100/800/threaded