CVE-2015-5068

3 documents3 sources

Severity

7.5HIGH

EPSS

1.0%

top 23.56%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP Mobile Platform

Timeline

PublishedJun 24

Latest updateMay 14

Description

XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDsap/mobile_platform3.0

🔴Vulnerability Details

GHSA

GHSA-h548-2rxv-x7x7: XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified im↗2022-05-14

▶

CVEList

CVE-2015-5068: XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to read arbitrary files or possibly have other unspecified im↗2015-06-24

▶