ID
VAR-201701-1184
TITLE
SAP NetWeaver XML External Entity Information Disclosure Vulnerability
Trust: 0.3
sources:
BID: 95373
DESCRIPTION
SAP NetWeaver Java is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. SAP NetWeaver 7.5 is vulnerable.
Trust: 0.3
sources:
BID: 95373
AFFECTED PRODUCTS
| vendor: | sap | model: | netweaver | scope: | eq | version: | 7.5 | Trust: 0.3 |
sources:
BID: 95373
THREAT TYPE
network
Trust: 0.3
sources:
BID: 95373
TYPE
Input Validation Error
Trust: 0.3
sources:
BID: 95373
EXTERNAL IDS
| db: | BID | id: | 95373 | Trust: 0.3 |
sources:
BID: 95373
REFERENCES
| url: | http://www.sap.com/ | Trust: 0.3 |
| url: | https://erpscan.com/advisories/erpscan-17-004-sap-netweaver-java-7-5-xxe/ | Trust: 0.3 |
| url: | https://service.sap.com/sap/support/notes/2347439 | Trust: 0.3 |
sources:
BID: 95373
CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
BID: 95373
SOURCES
| db: | BID | id: | 95373 |
LAST UPDATE DATE
2022-05-17T02:07:06.483000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 95373 | date: | 2017-01-12T00:14:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 95373 | date: | 2017-01-10T00:00:00 |