Close

HAVE QUESTIONS?

A partner account manager can help. Contact us today.

 Subscribe me to your mailing list

[ERPSCAN-12-043] SAP NetWeaver SPML – XML External Entity

Application: SAP NetWeaver JAVA Versions Affected: 6.40/7.02 maybe others Vendor URL: http://www.sap.com Bugs: XML External Entity Exploits: YES Reported: 08.04.2011 Vendor response: 09.04.2011 Patched by SAP: 11.09.2012 Date of Public Advisory: 15.12.2012 Reference: SAP Security Note 1621534 Authors: Alexey Tyurin (ERPScan)

Description
SAP XML parser used in SPML service validates all incoming XML requests with user specified DTD.

Business Risk
It is possible for attackers to send any packets to any port of any system including localhost. It means that it is possible, for example, to send any administrative command to Gateway or Message server because the source of the packet will be localhost, and there is no restrictions for localhost. Another example is an attack on other interfaces.