ID

VAR-201706-1164


TITLE

SAP Business Planning and Consolidation XML External Entity Injection Vulnerability

Trust: 0.3

sources: BID: 99031

DESCRIPTION

SAP Business Planning and Consolidation is prone to an XML External Entity injection vulnerability. Attackers can exploit this issue to gain access to sensitive information or cause denial-of-service conditions.

Trust: 0.3

sources: BID: 99031

AFFECTED PRODUCTS

vendor:sapmodel:netweaverscope:eqversion:0

Trust: 0.3

vendor:sapmodel:business planning and consolidationscope:eqversion:0

Trust: 0.3

sources: BID: 99031

THREAT TYPE

network

Trust: 0.3

sources: BID: 99031

TYPE

Unknown

Trust: 0.3

sources: BID: 99031

EXTERNAL IDS

db:BIDid:99031

Trust: 0.3

sources: BID: 99031

REFERENCES

url:http://www.sap.com/

Trust: 0.3

url:https://launchpad.support.sap.com/#/notes/2457269

Trust: 0.3

url:https://blogs.sap.com/2017/06/13/sap-security-patch-day-june2017/

Trust: 0.3

sources: BID: 99031

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 99031

SOURCES

db:BIDid:99031

LAST UPDATE DATE

2022-05-17T01:50:56.991000+00:00


SOURCES UPDATE DATE

db:BIDid:99031date:2017-06-13T00:00:00

SOURCES RELEASE DATE

db:BIDid:99031date:2017-06-13T00:00:00