Preface: When you are sitting on the same boat. The risks at the time of the event are equal.
Background: Open Data Protocol (OData) is an open protocol which allows the creation and consumption of queryable and interoperable RESTful APIs in a standard way. Apache Olingo is a Java library that implements the Open Data Protocol (OData). In SAP HANA DB environment, quite a lot of business application system will work with Apache Olingo.
Vulnerability details: The XML content type entity deserializer is not configured to deny the resolution of external entities. Request with content type “application/xml”, which trigger the deserialization of entities, can be used to trigger XXE attacks.
For security advice provided by Symantec, please refer to the link- https://www.symantec.com/security-center/vulnerabilities/writeup/111101?om_rssid=sr-advisories