PT-2018-15525 · Sap · Sap Internet Graphics Server
Publicado
2018-02-14
·
Atualizado
2018-03-01
·
CVE-2018-2393
CVSS v3.1
7.5
Alta
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SAP Internet Graphics Server (IGS) versions 7.20, 7.20EXT, 7.45, 7.49, 7.53
Description
The issue arises from the failure to properly validate XML External Entity, which can cause the SAP Internet Graphics Server (IGS) to become unavailable under certain conditions.
Recommendations
For SAP Internet Graphics Server (IGS) version 7.20, update to a version that properly validates XML External Entity.
For SAP Internet Graphics Server (IGS) version 7.20EXT, update to a version that properly validates XML External Entity.
For SAP Internet Graphics Server (IGS) version 7.45, update to a version that properly validates XML External Entity.
For SAP Internet Graphics Server (IGS) version 7.49, update to a version that properly validates XML External Entity.
For SAP Internet Graphics Server (IGS) version 7.53, update to a version that properly validates XML External Entity.
Exploit
Correção
XXE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sap Internet Graphics Server