Skip links

XML External Entity vulnerability in Crystal Reports for Enterprise, SAP security note 2569748

Description

A user can experience errors/hangs when interacting with a Crystal Reports for Enterprise report that embeds an Xcelsius SWF object.

Available fix and Supported packages

  • ENTERPRISE | 410 | 410
  • ENTERPRISE | 420 | 420
  • SBOP BI PLATFORM SERVERS 4.1 | SP011 | 000000
  • SBOP BI PLATFORM SERVERS 4.2 | SP006 | 000000

Affected component

    BI-RA-CRE
    Crystal Reports for Enterprise

CVSS

Score: 0

Exploit

Detailed vulnerability information added to RedRays Security Platform. Contact [email protected] for details.

URL

https://launchpad.support.sap.com/#/notes/2569748

TAGS

#Crystal-Reports-for-Enterprise
#XML-External-Entity
#Xcelsius
#SWF

How to detect over 4100 vulnerabilities in SAP Systems?

More to explorer

Initiating SAP Penetration Testing

►   Pentest, short for penetration testing, refers to a set of processes that simulate an attacker’s actions to identify security vulnerabilities. Companies