| ID | CVE-2018-2381 | ||||||
| Summary | SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16; SAP_FIN 6.17, 6.18, 7.00, 7.20, 7.30 S4CORE 1.00, 1.01, 1.02) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | ||||||
| References | |||||||
| Vulnerable Configurations |
|
||||||
| CVSS |
|
||||||
| CWE | CWE-862 | ||||||
| CAPEC |
|
||||||
| Access |
|
||||||
| Impact |
|
||||||
| cvss-vector via4 | AV:N/AC:L/Au:S/C:P/I:P/A:P | ||||||
| refmap via4 |
|
||||||
| Last major update | 03-10-2019 - 00:03 | ||||||
| Published | 14-02-2018 - 12:29 | ||||||
| Last modified | 03-10-2019 - 00:03 |
