CVE-2015-6662
First published: Mon Aug 24 2015(Updated: )
XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security Note 2168485.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SAP NetWeaver | =7.40 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2015-6662?
CVE-2015-6662 is considered a high severity vulnerability due to its potential for unauthorized file access and other impacts.
How do I fix CVE-2015-6662?
To mitigate CVE-2015-6662, apply the relevant patches from SAP as detailed in SAP Security Note 2168485.
What systems are affected by CVE-2015-6662?
CVE-2015-6662 affects SAP NetWeaver Portal version 7.40.
What type of vulnerability is CVE-2015-6662?
CVE-2015-6662 is an XML external entity (XXE) vulnerability that allows attackers to read arbitrary files.
Can CVE-2015-6662 be exploited remotely?
Yes, CVE-2015-6662 can be exploited remotely by sending crafted XML data.
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/tags
- agent/source
- vendor/sap
- canonical/sap netweaver
- version/sap netweaver/7.40