Lucene search
+L

4 matches found

NVD
NVD
added 2017/07/25 6:29 p.m.33 views

CVE-2017-11457

XML external entity XXE vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249...

6.5CVSS6.3AI score0.01373EPSS
Exploits0References2
Prion
Prion
added 2017/07/25 6:29 p.m.20 views

Server side request forgery (ssrf)

XML external entity XXE vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249...

4CVSS6.2AI score0.01373EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/07/25 6:0 p.m.68 views

CVE-2017-11457

CVE-2017-11457 is an XXE vulnerability in SAP NetWeaver AS JAVA 7.5, affecting the component com.sap.km.cm.ice . A remote authenticated attacker can abuse a crafted XML DTD to read arbitrary files or perform SSRF. The issue is documented against SAP NetWeaver AS JAVA 7.5 via SAP Security Note 238...

6.5CVSS6.2AI score0.01373EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/07/25 6:0 p.m.44 views

CVE-2017-11457

XML external entity XXE vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249...

6.3AI score0.01373EPSS
Exploits0References2
Rows per page
Query Builder