Vulnerabilities > CVE-2015-2813 - Unspecified vulnerability in SAP Mobile Platform
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
XML external entity (XXE) vulnerability in SAP Mobile Platform allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125358.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- http://packetstormsecurity.com/files/132357/SAP-Mobile-Platform-2.3-XXE-Injection.html
- http://packetstormsecurity.com/files/132357/SAP-Mobile-Platform-2.3-XXE-Injection.html
- http://seclists.org/fulldisclosure/2015/Jun/63
- http://seclists.org/fulldisclosure/2015/Jun/63
- http://www.securityfocus.com/archive/1/535828/100/800/threaded
- http://www.securityfocus.com/archive/1/535828/100/800/threaded
- http://www.securityfocus.com/bid/73692
- http://www.securityfocus.com/bid/73692
- https://erpscan.io/advisories/erpscan-15-005-sap-mobile-platform-xxe/
- https://erpscan.io/advisories/erpscan-15-005-sap-mobile-platform-xxe/