Preface: When you are all sitting in the same boat, the risks at the time of an event are equal.
Background: Open Data Protocol (OData) is an open protocol that allows the creation and consumption of queryable and interoperable RESTful APIs in a standard way. Apache Olingo is a Java library that implements OData. In SAP HANA DB environments, quite a lot of business application systems work with Apache Olingo.
Vulnerability details: The XML content type entity deserializer is not configured to deny the resolution of external entities. Requests with content type “application/xml” that trigger the deserialization of entities can be used to trigger XXE attacks.
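As an added example (not code from the original post or from Apache Olingo), the class below shows a Java StAX parser configured to deny DTDs and external entities, run beside a default factory on a constructed `application/xml` body. It assumes a StAX (`XMLInputFactory`) parser; the class name, marker string and temporary file are made up for the demonstration.

```java
import java.io.StringReader;
import java.nio.file.Files;
import java.nio.file.Path;
import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLStreamConstants;
import javax.xml.stream.XMLStreamException;
import javax.xml.stream.XMLStreamReader;

public class XxeHardeningDemo {
    // Constructed marker written to a temp file; if it shows up in parsed text, the entity was resolved.
    static final String MARKER = "CONSTRUCTED-LOCAL-FILE-CONTENT";

    // Hardened StAX factory: no DTD processing and no external entity resolution.
    static XMLInputFactory hardenedFactory() {
        XMLInputFactory f = XMLInputFactory.newInstance();
        f.setProperty(XMLInputFactory.SUPPORT_DTD, false);
        f.setProperty(XMLInputFactory.IS_SUPPORTING_EXTERNAL_ENTITIES, false);
        return f;
    }

    // Parses the body and reports whether the external file's content reached the parsed text.
    static String outcome(XMLInputFactory factory, String xml) {
        StringBuilder text = new StringBuilder();
        try {
            XMLStreamReader r = factory.createXMLStreamReader(new StringReader(xml));
            while (r.hasNext()) {
                if (r.next() == XMLStreamConstants.CHARACTERS) text.append(r.getText());
            }
            r.close();
        } catch (XMLStreamException e) {
            // Some parsers reject the now-undeclared entity reference outright.
            return "rejected by parser: " + e.getMessage();
        }
        return text.indexOf(MARKER) >= 0 ? "external entity RESOLVED" : "parsed, entity not resolved";
    }

    public static void main(String[] args) throws Exception {
        Path file = Files.createTempFile("xxe-demo", ".txt");
        Files.writeString(file, MARKER);
        // Constructed request body: an entity that points at the temp file created above.
        String xml = "<?xml version=\"1.0\"?>"
                + "<!DOCTYPE entry [<!ENTITY ext SYSTEM \"" + file.toUri() + "\">]>"
                + "<entry>&ext;</entry>";
        System.out.println("default factory:  " + outcome(XMLInputFactory.newInstance(), xml));
        System.out.println("hardened factory: " + outcome(hardenedFactory(), xml));
        Files.delete(file);
    }
}
```

The result for the default factory depends on the JDK and StAX implementation in use; the hardened factory should never report the entity as resolved.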
For the security advisory provided by Symantec, please refer to: https://www.symantec.com/security-center/vulnerabilities/writeup/111101?om_rssid=sr-advisories