CVE-2015-7968: 
SAP Application Server vulnerability analysis and mitigation

The vulnerability (CVE-2015-7968) affects SAP NetWeaver Application Server's nwbc_ext2int module, which is used for displaying data in side panels and converting external UI elements to internal representations. The vulnerability was discovered in June 2015 and allows XML External Entity (XXE) attacks for local file inclusion via the sap/bc/ui2/nwbc/nwbc_ext2int/ URI (Integrity Labs).

The XXE vulnerability requires authentication and can be exploited by sending crafted XML content to the nwbc_ext2int endpoint. The vulnerability exists due to improper handling of XML External Entity entries when parsing XML input. The CVSS v3.1 base score is 4.3 (MEDIUM) with vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N. The vulnerability is classified under CWE-611 (Improper Restriction of XML External Entity Reference) (NVD).

When successfully exploited, the vulnerability allows authenticated attackers to read arbitrary files on the server through XML parsing. Since SAP is Java-based, the XML parser allows reading both files and directories. The access is restricted to the user context running SAP, but attackers could potentially access configuration files and SSH private keys, which could lead to further system compromise (Integrity Labs).

SAP has addressed this vulnerability by releasing Security Note 2183189. Users should apply the patch provided in this security note to protect their systems (Integrity Labs).