Severity

Medium

Analysis Summary

A vulnerability was found in SAP NetWeaver and ABAP Platform (Solution Stack Software).  Affected by this issue is some processing of the component ABAP Server. The manipulation as part of a XML Document leads to a privilege escalation vulnerability (XXE).

Impact

• Exposure of sensitive information.
• Denial of service.

Affected Products

SAP NetWeaver ABAP 7.50
SAP NetWeaver ABAP 7.49
SAP NetWeaver ABAP 7.45
SAP NetWeaver ABAP 7.40
SAP NetWeaver ABAP 7.31
SAP NetWeaver ABAP 7.30
SAP NetWeaver ABAP 7.22EXT
SAP NetWeaver ABAP 7.22
SAP NetWeaver ABAP 7.21EXT
SAP NetWeaver ABAP 7.21
SAP NetWeaver ABAP 7.11
SAP NetWeaver ABAP 7.10
SAP NetWeaver ABAP 7.03 Sp4
SAP NetWeaver ABAP 7.02 Sp6
SAP NetWeaver ABAP 7.02
SAP NetWeaver ABAP 7.00
SAP Kernel 7.53
SAP Kernel 7.49
SAP Kernel 7.45
SAP Kernel 7.22
SAP Kernel 7.21

Remediation

Vendor has not released any patches or updates yet.