Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2016-9563

SAP | NetWeaverAdded 2021-11-03Remediation Deadline 2022-05-03

SAP NetWeaver XML External Entity (XXE) Vulnerability

SAP NetWeaver Application Server Java Platforms contains an unspecified vulnerability in BC-BMT-BPM-DSK which allows remote, authenticated users to conduct XML External Entity (XXE) attacks.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-611

References