An attacker authenticated as an administrator can use an exposed webservice to upload or download a custom PDF font file on the system server. Using the upload functionality to copy an internal file into a font file and subsequently using the download functionality to retrieve that file allows the attacker to read any file on the server with no effect on integrity or availability
https://www.securityweek.com/sap-patches-critical-vulnerability-in-netweaver/
https://securityaffairs.com/171839/security/sap-fixed-critical-ssrf-flaw-netweaver.html