High severity8.1NVD Advisory· Published Aug 2, 2018· Updated Jun 17, 2026
CVE-2017-16349
CVE-2017-16349
Description
An exploitable XML external entity vulnerability exists in the reporting functionality of SAP BPC. A specially crafted XML request can cause an XML external entity to be referenced, resulting in information disclosure and potential denial of service. An attacker can issue authenticated HTTP requests to trigger this vulnerability.
Affected products
2Patches
Vulnerability mechanics
References
1- www.talosintelligence.com/vulnerability_reports/SAPnvdBroken Link
News mentions
0No linked articles in our index yet.