PT-2015-3186 · SAP · SAP Mobile Platform 3

Vahagn Vardanyan · Published 2015-06-24 · Updated 2018-12-10 · CVE-2015-5068

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

SAP Mobile Platform 3

Description

SAP Mobile Platform 3 incorrectly restricts XML external entity references, resulting in an XML external entity (XXE) vulnerability. A remote attacker can send a crafted XML request to read arbitrary files or possibly have other unspecified impact.

Recommendations

For SAP Mobile Platform 3, consider restricting or disabling the processing of external XML entities to minimize the risk of exploitation until a fix is available. As a temporary workaround, avoid using XML requests that could potentially trigger the vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XXE

Weakness Enumeration

Related Identifiers

BDU:2016-00556
CVE-2015-5068

Affected Products

SAP Mobile Platform 3