PT-2018-15601 · Sap · Sap Netweaver+1

Published

2018-12-11

Updated

2019-10-03

CVE-2018-2494

CVSS v3.1

8.0

High

Vector

AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions SAP NetWeaver versions 700 through 750

Description The issue concerns the lack of necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has been fixed in SAP Basis AS ABAP of SAP NetWeaver.

Recommendations For versions 700 through 750, update to a version from 750 onwards where the fix is included, as these versions are delivered with the ABAP Platform that contains the necessary security patches.

Fix

Incorrect Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-863

Related Identifiers

CVE-2018-2494

Affected Products

Sap Basis As Abap

Sap Netweaver

PT-2018-15601 · Sap · Sap Netweaver+1

CVE-2018-2494

Weakness Enumeration

Related Identifiers

Affected Products

References · 4