CVE-2018-2428

Published: Jun 12, 2018Modified: Nov 21, 2024

5.3

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00.

Affected (6)

Products: Sap: Infrastructure, Ui

2 products

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Sap Infrastructure	Version 1.0
Sap Ui	Version 2.0
Sap Ui	Version 7.4
Sap Ui	Version 7.51
Sap Ui	Version 7.52
Sap Ui	Version 7.5

References (6)

http://www.securityfocus.com/bid/104446

Source: cna@sap.com

Third Party AdvisoryVDB Entry

https://launchpad.support.sap.com/#/notes/2621121

Source: cna@sap.com

Permissions Required

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255

Source: cna@sap.com

Vendor Advisory

http://www.securityfocus.com/bid/104446

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://launchpad.support.sap.com/#/notes/2621121

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions Required

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.