CVE-2015-2818

3 documents3 sources

Severity

5.0MEDIUM

EPSS

0.4%

top 41.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP Mobile Platform

Timeline

PublishedApr 1

Latest updateMay 14

Description

XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125513.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDsap/mobile_platform3.0

🔴Vulnerability Details

GHSA

GHSA-8wgg-fh96-jqj2: XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP↗2022-05-14

▶

CVEList

CVE-2015-2818: XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP↗2015-04-01

▶