PT-2018-15525 · Sap · Sap Internet Graphics Server
Published
2018-02-14
·
Updated
2018-03-01
·
CVE-2018-2393
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
SAP Internet Graphics Server (IGS) versions 7.20, 7.20EXT, 7.45, 7.49, 7.53
Description
The issue arises from the failure to properly validate XML External Entity, which can cause the SAP Internet Graphics Server (IGS) to become unavailable under certain conditions.
Recommendations
For SAP Internet Graphics Server (IGS) version 7.20, update to a version that properly validates XML External Entity.
For SAP Internet Graphics Server (IGS) version 7.20EXT, update to a version that properly validates XML External Entity.
For SAP Internet Graphics Server (IGS) version 7.45, update to a version that properly validates XML External Entity.
For SAP Internet Graphics Server (IGS) version 7.49, update to a version that properly validates XML External Entity.
For SAP Internet Graphics Server (IGS) version 7.53, update to a version that properly validates XML External Entity.
Exploit
Fix
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sap Internet Graphics Server