CVE-2015-4091 in SAP NetWeaver
摘要 (英语)
XML external entity (XXE) vulnerability in SAP NetWeaver AS Java allows remote attackers to send TCP requests to intranet servers or possibly have other unspecified impact via an XML request, related to "CIM UPLOAD," aka SAP Security Note 2090851.
预定
2015-05-26
披露
2015-05-26
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 75562 | SAP NetWeaver XML Intranet 权限提升 | 269 | 未经证实 | 官方修复 | CVE-2015-4091 |