PT-2018-15546 · SAP · SAP Enterprise Financial Services

Published: 2018-05-09 · Updated: 2019-10-09 · CVE-2018-2419

CVSS v2.0: 5.5 (Medium)

Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

SAP Enterprise Financial Services versions 1.11 through 1.12
SAP Enterprise Financial Services versions 1.01 through 1.02
SAP Enterprise Financial Services versions 6.04 through 6.06
SAP Enterprise Financial Services versions 6.16 through 6.18
SAP Enterprise Financial Services version 8.0

Description

The issue results in escalation of privileges due to insufficient authorization checks for authenticated users.

Recommendations

For versions 1.11 and 1.12, ensure proper authorization checks are implemented for all users.
For versions 1.01 and 1.02, apply the necessary patches to enforce authorization.
For versions 6.04 through 6.06, restrict user privileges until a proper fix is applied.
For versions 6.16 through 6.18, implement additional access controls to mitigate the risk.
For version 8.0, consider disabling affected modules until a patch is available.

Fix

Missing Authorization

Weakness Enumeration

Related Identifiers

CVE-2018-2419

Affected Products

SAP Enterprise Financial Services