Computer Security
[EN] no-pyccku

SAP Mobile Platform XXE injection
updated since 29.06.2015
SecurityVulns ID:14555
Threat Level:
Description:Few XXE injections.
Affected:SAP : SAP Mobile Platform 2.3
CVE:CVE-2015-5068 (XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601.)
 CVE-2015-2813 (XML external entity (XXE) vulnerability in SAP Mobile Platform allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125358.)
Original documentdocumentERPScan inc, [ERPSCAN-15-014] SAP Mobile Platform 3 – XXE in Add Repository (14.09.2015)
 documentDarya Maenkova, [ERPSCAN-15-005] SAP Mobile Platform - XXE (29.06.2015)
 documentDarya Maenkova, [ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE (29.06.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod