Vulnerability in Sap Netweaver_enterprise_portal
CVE-2015-2811
XML external entity (XXE) vulnerability in ReportXmlViewer in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2111939.
EPSS: 0.024 (81.9th percentile) — read the EPSS interpretation.
Affected products
- Sap Netweaver_enterprise_portal — versions 7.31
- N/a — versions n/a
References
- cve@mitre.org (mailing-list, x_refsource_FULLDISC)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_MISC)