PT-2018-15564 · Nextlabs · Sap Dynamic Authorization Management

Publicado

2018-07-10

Atualizado

2018-09-06

CVE-2018-2440

CVSS v3.1

4.4

Média

Vetor

AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SAP Dynamic Authorization Management (DAM) by NextLabs versions 7.7 through 8.5

Description The issue exposes sensitive information in the application logs under certain circumstances.

Recommendations For versions 7.7 through 8.5, consider restricting access to the application logs to minimize the risk of sensitive information exposure until a patch is available.

Correção

Insertion into Log File

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-532

Identificadores relacionados

CVE-2018-2440

Produtos afetados

Sap Dynamic Authorization Management

PT-2018-15564 · Nextlabs · Sap Dynamic Authorization Management

CVE-2018-2440

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4