PT-2018-15501 · Sap · Sap Netweaver System Landscape Directory

Publicado

2018-03-01

Atualizado

2018-03-23

CVE-2018-2368

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SAP NetWeaver System Landscape Directory, LM-CORE versions 7.10 through 7.40

Description The issue concerns the lack of authentication checks for certain functionalities that require user identity, potentially allowing unauthorized access.

Recommendations For versions 7.10 through 7.40, apply the necessary patches or updates to ensure proper authentication checks are in place for all functionalities requiring user identity.

Correção

Missing Authentication

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-306

Identificadores relacionados

CVE-2018-2368

Produtos afetados

Sap Netweaver System Landscape Directory

PT-2018-15501 · Sap · Sap Netweaver System Landscape Directory

CVE-2018-2368

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5