Vigil@nce: SAP NetWeaver BW, file reading
October 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use an external XML entity, in order to read a
file of SAP NetWeaver BW.
– Impacted products: SAP ERP, NetWeaver
– Severity: 2/4
– Creation date: 08/10/2012
DESCRIPTION OF THE VULNERABILITY
An attacker can use an external XML entity, in order to read a
file of SAP NetWeaver BW.
Technical details are unknown.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/SAP-NetWeaver-BW-file-reading-12005