Vulnerabilities > CVE-2018-2401 - XXE vulnerability in Redwood SAP Business Process Automation 9.00
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document accepted from an untrusted source resulting in an XML External Entity (XXE) vulnerability.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |