CVE-2018-2401

Summary

SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document accepted from an untrusted source resulting in an XML External Entity (XXE) vulnerability.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Business Process Automation (BPA) By Redwood9.00affected

Weaknesses

  • XML External Entity

ADP Enrichment

CVE Program Container

Additional References

References