CVE-2018-2417

Published: May 9, 2018Modified: Nov 21, 2024

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would otherwise be restricted.

Affected (1)

Products: Sap: Identity Management

Sap

1 product

Identity Management

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Identity Management	Version 8.0

References (6)

http://www.securityfocus.com/bid/104112

Source: cna@sap.com

Third Party AdvisoryVDB Entry

https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/

Source: cna@sap.com

Vendor Advisory

https://launchpad.support.sap.com/#/notes/2601492

Source: cna@sap.com

Permissions RequiredVendor Advisory

http://www.securityfocus.com/bid/104112

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://launchpad.support.sap.com/#/notes/2601492

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredVendor Advisory

Timeline

No history available yet.