XML External Entity Vulnerability in SAP Mobile Platform by SAP
CVE-2015-5068

Currently unrated

Key Information:

Vendor: SAP
Status: Mobile Platform
Vendor: CVE Published:; 24 June 2015

Summary

The XML external entity (XXE) vulnerability in SAP Mobile Platform 3 enables remote attackers to exploit crafted XML requests. By manipulating XML input, attackers can potentially read arbitrary files on the server and may cause other unspecified impacts. This vulnerability highlights the importance of secure XML processing practices to protect sensitive data from unauthorized access.

References

http://packetstormsecurity.com/files/133514/SAP-Mobile-Pl...

x_refsource_MISC

http://www.securityfocus.com/bid/75166

vdb-entryx_refsource_BID

https://erpscan.io/advisories/erpscan-15-014-sap-mobile-p...

x_refsource_MISC

Timeline

Vulnerability published
Jun 24, 2015
Vulnerability Reserved
Jun 24, 2015