ID
VAR-201705-4223
TITLE
SAP NetWeaver XML External Entity Injection Vulnerability
Trust: 0.3
sources:
BID: 98354
DESCRIPTION
SAP NetWeaver is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.
Trust: 0.3
sources:
BID: 98354
AFFECTED PRODUCTS
| vendor: | sap | model: | netweaver | scope: | eq | version: | 0 | Trust: 0.3 |
sources:
BID: 98354
THREAT TYPE
network
Trust: 0.3
sources:
BID: 98354
TYPE
Unknown
Trust: 0.3
sources:
BID: 98354
EXTERNAL IDS
| db: | BID | id: | 98354 | Trust: 0.3 |
sources:
BID: 98354
REFERENCES
| url: | http://www.sap.com/ | Trust: 0.3 |
| url: | https://launchpad.support.sap.com/#/notes/2406918 | Trust: 0.3 |
| url: | https://blogs.sap.com/2017/05/09/sap-security-patch-day-may-2017/ | Trust: 0.3 |
sources:
BID: 98354
CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
BID: 98354
SOURCES
| db: | BID | id: | 98354 |
LAST UPDATE DATE
2022-05-17T01:47:54.165000+00:00
SOURCES UPDATE DATE
| db: | BID | id: | 98354 | date: | 2017-05-23T16:23:00 |
SOURCES RELEASE DATE
| db: | BID | id: | 98354 | date: | 2017-05-09T00:00:00 |