CVE-2015-2813

Published: Apr 1, 2015Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

XML external entity (XXE) vulnerability in SAP Mobile Platform allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125358.

Affected (1)

Products: Sap: Mobile Platform

Sap

1 product

Mobile Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Mobile Platform	All versions

References (10)

http://packetstormsecurity.com/files/132357/SAP-Mobile-Platform-2.3-XXE-Injection.html

Source: cve@mitre.org

http://seclists.org/fulldisclosure/2015/Jun/63

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/535828/100/800/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/73692

Source: cve@mitre.org

https://erpscan.io/advisories/erpscan-15-005-sap-mobile-platform-xxe/

Source: cve@mitre.org

http://packetstormsecurity.com/files/132357/SAP-Mobile-Platform-2.3-XXE-Injection.html