PT-2018-15576 · Sap · Sap Mobile Platform

Published

2018-09-11

Updated

2019-10-03

CVE-2018-2459

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions SAP Mobile Platform version 3.0

Description The issue affects users of an SAP Mobile Platform Offline OData application, which utilizes Offline OData-supplied delta tokens by default. In some cases, users may receive data values belonging to a different user.

Recommendations For SAP Mobile Platform version 3.0, consider disabling the use of Offline OData-supplied delta tokens as a temporary workaround to minimize the risk of receiving unauthorized data.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-2459

Affected Products

Sap Mobile Platform

PT-2018-15576 · Sap · Sap Mobile Platform

CVE-2018-2459

Related Identifiers

Affected Products

References · 5