[ERPSCAN-16-020] SAP NetWeaver AS JAVA UDDI component – XXE vulnerability

Posted by ERPScan inc on Jul 15

Application: SAP NetWeaver AS JAVA

Versions Affected: SAP NetWeaver AS JAVA 7.4

Bug: XXE

Sent: 04.12.2015

Reported: 05.12.2015

Vendor response: 05.12.2015

Date of Public Advisory: 12.04.2016

Reference: SAP Security Note 2254389

Author: Vahagn Vardanyan (ERPScan)

Description

1. ADVISORY INFORMATION

Title: SAP NetWeaver AS JAVA UDDI component – XXE vulnerability

Advisory ID: [ERPSCAN-16-020]

Risk:…

007 Software