PT-2018-15601 · Sap · Sap Netweaver+1

Publicado

2018-12-11

Atualizado

2019-10-03

CVE-2018-2494

CVSS v3.1

8.0

Alta

Vetor

AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SAP NetWeaver versions 700 through 750

Description The issue concerns the lack of necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has been fixed in SAP Basis AS ABAP of SAP NetWeaver.

Recommendations For versions 700 through 750, update to a version from 750 onwards where the fix is included, as these versions are delivered with the ABAP Platform that contains the necessary security patches.

Correção

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-863

Identificadores relacionados

CVE-2018-2494

Produtos afetados

Sap Basis As Abap

Sap Netweaver

PT-2018-15601 · Sap · Sap Netweaver+1

CVE-2018-2494

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4