VYPR
High severity8.1NVD Advisory· Published Aug 2, 2018· Updated Jun 17, 2026

CVE-2017-16349

CVE-2017-16349

Description

An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external entity to be referenced, resulting in information disclosure and potential denial of service. An attacker can issue authenticated HTTP requests to trigger this vulnerability.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.