XML External Entity Vulnerability in SAP Mobile Platform
CVE-2015-2813

Currently unrated

Key Information:

Vendor: SAP
Status: Mobile Platform
Vendor: CVE Published:; 1 April 2015

Summary

The SAP Mobile Platform is susceptible to an XML External Entity (XXE) vulnerability that can allow attackers to craft malicious XML requests, potentially accessing sensitive intranet resources. This type of vulnerability can lead to unauthorized data disclosure or the exposure of internal systems, making it critical for organizations to apply necessary patches and mitigations promptly. Security Note 2125358 has been issued to address this issue, emphasizing the need for immediate awareness and action.

References

http://seclists.org/fulldisclosure/2015/Jun/63

mailing-listx_refsource_FULLDISC

http://www.securityfocus.com/archive/1/535828/100/800/thr...

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/73692

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Apr 1, 2015
Vulnerability Reserved
Apr 1, 2015