PT-2015-5201 · Sap · Sap Netweaver As Abap
Published
2015-01-22
·
Updated
2022-10-06
·
CVE-2015-1309
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
SAP NetWeaver AS ABAP versions 7.31 and earlier
Description
The issue allows remote attackers to access arbitrary files via a crafted XML request. This is related to the ECATT DISPLAY XMLSTRING REMOTE function.
Recommendations
For SAP NetWeaver AS ABAP versions 7.31 and earlier, apply the fix provided in SAP Note 2016638 to resolve the issue.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sap Netweaver As Abap