| ID |
CVE-2018-2494
|
| Summary |
Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.00:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.00:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.01:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.01:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.02:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.02:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.10:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.10:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.11:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.11:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.30:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.30:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.31:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.31:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.40:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.40:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.50:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.50:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.51:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.51:*:*:*:*:*:*:*
-
cpe:2.3:a:sap:business_application_software_integrated_solution:7.52:*:*:*:*:*:*:*
cpe:2.3:a:sap:business_application_software_integrated_solution:7.52:*:*:*:*:*:*:*
|
| CVSS |
| Base: | 6.5 (as of 03-10-2019 - 00:03) |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-863 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
SINGLE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| PARTIAL |
PARTIAL |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
| refmap
via4
|
|
| Last major update |
03-10-2019 - 00:03 |
| Published |
11-12-2018 - 22:29 |
| Last modified |
03-10-2019 - 00:03 |
