CVE-2015-6664

Currently unrated

Key Information:

Vendor: SAP
Status: Mobile Platform
Vendor: CVE Published:; 24 August 2015

Summary

XML external entity (XXE) vulnerability in the application import functionality in SAP Mobile Platform 2.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2152227.

References

https://erpscan.io/advisories/erpscan-15-020-sap-mobile-p...

x_refsource_MISC

http://www.securityfocus.com/archive/1/536954/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://seclists.org/fulldisclosure/2015/Nov/96

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Aug 24, 2015
Vulnerability Reserved
Aug 24, 2015