SAP NetWeaver Portal XXE Vulnerability (SAP Security Note 2111939)

SAP NetWeaver Portal XXE Vulnerability (SAP Security Note 2111939)

CVE-2015-2811 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

XML external entity (XXE) vulnerability in ReportXmlViewer in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2111939.

Learn more about our Cis Benchmark Audit For Server Software.