PT-2018-15501 · Sap · Sap Netweaver System Landscape Directory

Published

2018-03-01

Updated

2018-03-23

CVE-2018-2368

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SAP NetWeaver System Landscape Directory, LM-CORE versions 7.10 through 7.40

Description The issue concerns the lack of authentication checks for certain functionalities that require user identity, potentially allowing unauthorized access.

Recommendations For versions 7.10 through 7.40, apply the necessary patches or updates to ensure proper authentication checks are in place for all functionalities requiring user identity.

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2018-2368

Affected Products

Sap Netweaver System Landscape Directory

PT-2018-15501 · Sap · Sap Netweaver System Landscape Directory

CVE-2018-2368

Weakness Enumeration

Related Identifiers

Affected Products

References · 5