CVE-2018-2462

Sažetak

In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.

Reference

http://www.securityfocus.com/bid/105326
https://launchpad.support.sap.com/#/notes/2644279
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499356993

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

26-11-2018 - 20:14

Objavljeno

11-09-2018 - 15:29