PT-2018-15576 · Sap · Sap Mobile Platform

Publicado

2018-09-11

Atualizado

2019-10-03

CVE-2018-2459

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SAP Mobile Platform version 3.0

Description The issue affects users of an SAP Mobile Platform Offline OData application, which utilizes Offline OData-supplied delta tokens by default. In some cases, users may receive data values belonging to a different user.

Recommendations For SAP Mobile Platform version 3.0, consider disabling the use of Offline OData-supplied delta tokens as a temporary workaround to minimize the risk of receiving unauthorized data.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2018-2459

Produtos afetados

Sap Mobile Platform

PT-2018-15576 · Sap · Sap Mobile Platform

CVE-2018-2459

Identificadores relacionados

Produtos afetados

Referências · 5