cvelistv5 - cve-2018-2424

CVE-2018-2424 (GCVE-0-2018-2424)

Vulnerability from cvelistv5

Published

2018-06-12 15:00

Modified

2024-08-05 04:21

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Cross-Site Scripting

Summary

References

URL

Tags

cna@sap.com	http://www.securityfocus.com/bid/104459	Third Party Advisory, VDB Entry
cna@sap.com	https://launchpad.support.sap.com/#/notes/2538856	Permissions Required, Vendor Advisory
cna@sap.com	https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104459	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://launchpad.support.sap.com/#/notes/2538856	Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255	Vendor Advisory

Impacted products

Vendor

Product

Version

SAP SE

SAP HANA Database

Version: 1.0
Version: 2.0

SAP SE	SAP UI5	Version: 1.0
SAP SE	SAP UI5(Java)	Version: 7.3 Version: 7.31 Version: 7.40 Version: 7.50
SAP SE	SAP UI	Version: 7.40 Version: 7.50 Version: 7.51 Version: 7.52
SAP SE	SAP UI for SAP NetWeaver 7.00	Version: 2.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T04:21:33.271Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://launchpad.support.sap.com/#/notes/2538856"
          },
          {
            "name": "104459",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/104459"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "SAP HANA Database",
          "vendor": "SAP SE",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            },
            {
              "status": "affected",
              "version": "2.0"
            }
          ]
        },
        {
          "product": "SAP UI5",
          "vendor": "SAP SE",
          "versions": [
            {
              "status": "affected",
              "version": "1.0"
            }
          ]
        },
        {
          "product": "SAP UI5(Java)",
          "vendor": "SAP SE",
          "versions": [
            {
              "status": "affected",
              "version": "7.3"
            },
            {
              "status": "affected",
              "version": "7.31"
            },
            {
              "status": "affected",
              "version": "7.40"
            },
            {
              "status": "affected",
              "version": "7.50"
            }
          ]
        },
        {
          "product": "SAP UI",
          "vendor": "SAP SE",
          "versions": [
            {
              "status": "affected",
              "version": "7.40"
            },
            {
              "status": "affected",
              "version": "7.50"
            },
            {
              "status": "affected",
              "version": "7.51"
            },
            {
              "status": "affected",
              "version": "7.52"
            }
          ]
        },
        {
          "product": "SAP UI for SAP NetWeaver 7.00",
          "vendor": "SAP SE",
          "versions": [
            {
              "status": "affected",
              "version": "2.0"
            }
          ]
        }
      ],
      "datePublic": "2018-06-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Cross-Site Scripting",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-15T09:57:01",
        "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "shortName": "sap"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://launchpad.support.sap.com/#/notes/2538856"
        },
        {
          "name": "104459",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/104459"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cna@sap.com",
          "ID": "CVE-2018-2424",
          "STATE": "PUBLIC",
          "vendor_name": "SAP SE"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "SAP HANA Database",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "1.0"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "2.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAP UI5",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "1.0"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAP UI5(Java)",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "7.3"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "7.31"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "7.40"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "7.50"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAP UI",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "7.40"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "7.50"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "7.51"
                          },
                          {
                            "version_affected": "=",
                            "version_value": "7.52"
                          }
                        ]
                      }
                    },
                    {
                      "product_name": "SAP UI for SAP NetWeaver 7.00",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "2.0"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "SAP SE"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
            }
          ]
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Cross-Site Scripting"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://launchpad.support.sap.com/#/notes/2538856",
              "refsource": "MISC",
              "url": "https://launchpad.support.sap.com/#/notes/2538856"
            },
            {
              "name": "104459",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/104459"
            },
            {
              "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255",
              "refsource": "CONFIRM",
              "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
            }
          ]
        },
        "source": {
          "discovery": "UNKNOWN"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
    "assignerShortName": "sap",
    "cveId": "CVE-2018-2424",
    "datePublished": "2018-06-12T15:00:00",
    "dateReserved": "2017-12-15T00:00:00",
    "dateUpdated": "2024-08-05T04:21:33.271Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-2424\",\"sourceIdentifier\":\"cna@sap.com\",\"published\":\"2018-06-12T15:29:00.307\",\"lastModified\":\"2024-11-21T04:03:47.570\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00\"},{\"lang\":\"es\",\"value\":\"SAP UI5 no valid\u00f3 las entradas de usuario antes de a\u00f1adirlas a la estructura DOM. Esto podr\u00eda conducir a que se a\u00f1ada al DOM c\u00f3digo JavaScript malicioso proporcionado por el usuario que podr\u00eda robar informaci\u00f3n del usuario. Los componentes de software afectados son: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52 y la versi\u00f3n 2.0 de SAP UI para SAP NetWeaver 7.00\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"cna@sap.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"528C05CB-315F-465C-8C25-EF85AA7D19B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C6CA542-7071-48B6-B135-3AE9B4BB1DC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:ui:2.0:*:*:*:*:netweaver_7.0:*:*\",\"matchCriteriaId\":\"BAC1FC47-D27B-4D31-B0CB-84CB75B9B314\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:ui:7.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6A245CAD-2365-48F5-994D-65658825DA3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:ui:7.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD311636-17EB-4DEA-8A9B-9539B4B43C3F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:ui:7.51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2AE480CB-D830-42D5-B297-3D5874AEFA36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:ui:7.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"830F67FF-0DEA-4B07-A3E0-CDCD01888DED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:ui5:1.00:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFBC9A13-184E-403D-9F4C-435A46A3F92A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:ui5_java:7.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"500E7A87-9E8C-464D-9316-F4F2FDECFDA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:ui5_java:7.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C959F430-EF52-48FE-838D-40B87019B61D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:ui5_java:7.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FC625547-85B8-4E19-B7DC-32BC25603F3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:sap:ui5_java:7.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F01D0C09-61E9-48CE-8440-9513B79845B2\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/104459\",\"source\":\"cna@sap.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://launchpad.support.sap.com/#/notes/2538856\",\"source\":\"cna@sap.com\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255\",\"source\":\"cna@sap.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/104459\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://launchpad.support.sap.com/#/notes/2538856\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Vendor Advisory\"]},{\"url\":\"https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
  }
}

gsd-2018-2424

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2018-2424

Aliases

CVE-2018-2424

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-2424",
    "description": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00",
    "id": "GSD-2018-2424"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-2424"
      ],
      "details": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00",
      "id": "GSD-2018-2424",
      "modified": "2023-12-13T01:22:31.679392Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cna@sap.com",
        "ID": "CVE-2018-2424",
        "STATE": "PUBLIC",
        "vendor_name": "SAP SE"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "SAP HANA Database",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "1.0"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "2.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SAP UI5",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "1.0"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SAP UI5(Java)",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "7.3"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "7.31"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "7.40"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "7.50"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SAP UI",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "7.40"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "7.50"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "7.51"
                        },
                        {
                          "version_affected": "=",
                          "version_value": "7.52"
                        }
                      ]
                    }
                  },
                  {
                    "product_name": "SAP UI for SAP NetWeaver 7.00",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "2.0"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "SAP SE"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
          }
        ]
      },
      "impact": {
        "cvss": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        }
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Cross-Site Scripting"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://launchpad.support.sap.com/#/notes/2538856",
            "refsource": "MISC",
            "url": "https://launchpad.support.sap.com/#/notes/2538856"
          },
          {
            "name": "104459",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/104459"
          },
          {
            "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255",
            "refsource": "CONFIRM",
            "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
          }
        ]
      },
      "source": {
        "discovery": "UNKNOWN"
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:sap:ui:7.51:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:ui:7.52:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:ui5_java:7.30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:ui5_java:7.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:ui:2.0:*:*:*:*:netweaver_7.0:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:ui:7.50:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:ui5_java:7.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:ui5:1.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:ui:7.40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:ui5_java:7.50:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cna@sap.com",
          "ID": "CVE-2018-2424"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-20"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
            },
            {
              "name": "https://launchpad.support.sap.com/#/notes/2538856",
              "refsource": "MISC",
              "tags": [
                "Permissions Required",
                "Vendor Advisory"
              ],
              "url": "https://launchpad.support.sap.com/#/notes/2538856"
            },
            {
              "name": "104459",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/104459"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": true,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-10-09T23:40Z",
      "publishedDate": "2018-06-12T15:29Z"
    }
  }
}

cnvd-2018-11475

Vulnerability from cnvd

Title

SAP Hana DB、UI5和UI跨站脚本漏洞

Description

SAP Hana DB、UI5和UI都是德国思爱普（SAP）公司的产品。SAP Hana DB是一个基于行和列的内存数据库。UI5和UI都是基于JavaScript的UI库，它集成了大量的UI控件。 SAP Hana DB、UI5和UI中存在安全漏洞，该漏洞源于程序在将用户输入添加到DOM框架之前未能验证该输入。攻击者可利用该漏洞向DOM中添加恶意的JavaScript代码，窃取用户信息。

Severity

中

Patch Name

SAP Hana DB、UI5和UI跨站脚本漏洞的补丁

Patch Description

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255

Reference

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255

Impacted products

Name
['SAP UI 7.51', 'SAP UI ，7.52', 'SAP UI 2.0', 'SAP Hana Database 1.00', 'SAP Hana Database 2.00', 'SAP UI5 1.00', 'SAP UI5(Java) 7.30', 'SAP UI5(Java) 7.31', 'SAP UI5(Java) 7.40', 'SAP UI5(Java) 7.50', 'SAP UI 7.40', 'SAP UI 7.50']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-2424"
    }
  },
  "description": "SAP Hana DB\u3001UI5\u548cUI\u90fd\u662f\u5fb7\u56fd\u601d\u7231\u666e\uff08SAP\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002SAP Hana DB\u662f\u4e00\u4e2a\u57fa\u4e8e\u884c\u548c\u5217\u7684\u5185\u5b58\u6570\u636e\u5e93\u3002UI5\u548cUI\u90fd\u662f\u57fa\u4e8eJavaScript\u7684UI\u5e93\uff0c\u5b83\u96c6\u6210\u4e86\u5927\u91cf\u7684UI\u63a7\u4ef6\u3002\r\n\r\nSAP Hana DB\u3001UI5\u548cUI\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5728\u5c06\u7528\u6237\u8f93\u5165\u6dfb\u52a0\u5230DOM\u6846\u67b6\u4e4b\u524d\u672a\u80fd\u9a8c\u8bc1\u8be5\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5411DOM\u4e2d\u6dfb\u52a0\u6076\u610f\u7684JavaScript\u4ee3\u7801\uff0c\u7a83\u53d6\u7528\u6237\u4fe1\u606f\u3002",
  "discovererName": "unknwon",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-11475",
  "openTime": "2018-06-14",
  "patchDescription": "SAP Hana DB\u3001UI5\u548cUI\u90fd\u662f\u5fb7\u56fd\u601d\u7231\u666e\uff08SAP\uff09\u516c\u53f8\u7684\u4ea7\u54c1\u3002SAP Hana DB\u662f\u4e00\u4e2a\u57fa\u4e8e\u884c\u548c\u5217\u7684\u5185\u5b58\u6570\u636e\u5e93\u3002UI5\u548cUI\u90fd\u662f\u57fa\u4e8eJavaScript\u7684UI\u5e93\uff0c\u5b83\u96c6\u6210\u4e86\u5927\u91cf\u7684UI\u63a7\u4ef6\u3002\r\n\r\nSAP Hana DB\u3001UI5\u548cUI\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u5728\u5c06\u7528\u6237\u8f93\u5165\u6dfb\u52a0\u5230DOM\u6846\u67b6\u4e4b\u524d\u672a\u80fd\u9a8c\u8bc1\u8be5\u8f93\u5165\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5411DOM\u4e2d\u6dfb\u52a0\u6076\u610f\u7684JavaScript\u4ee3\u7801\uff0c\u7a83\u53d6\u7528\u6237\u4fe1\u606f\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "SAP Hana DB\u3001UI5\u548cUI\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "SAP UI 7.51",
      "SAP UI \uff0c7.52",
      "SAP UI 2.0",
      "SAP Hana Database 1.00",
      "SAP Hana Database 2.00",
      "SAP UI5 1.00",
      "SAP UI5(Java) 7.30",
      "SAP UI5(Java) 7.31",
      "SAP UI5(Java) 7.40",
      "SAP UI5(Java) 7.50",
      "SAP UI 7.40",
      "SAP UI 7.50"
    ]
  },
  "referenceLink": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255",
  "serverity": "\u4e2d",
  "submitTime": "2018-06-14",
  "title": "SAP Hana DB\u3001UI5\u548cUI\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e"
}

fkie_cve-2018-2424

Vulnerability from fkie_nvd

Published

2018-06-12 15:29

Modified

2024-11-21 04:03

Severity ?

9.8 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
cna@sap.com	http://www.securityfocus.com/bid/104459	Third Party Advisory, VDB Entry
cna@sap.com	https://launchpad.support.sap.com/#/notes/2538856	Permissions Required, Vendor Advisory
cna@sap.com	https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/104459	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://launchpad.support.sap.com/#/notes/2538856	Permissions Required, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255	Vendor Advisory

Impacted products

Vendor	Product	Version
sap	hana_database	1.00
sap	hana_database	2.00
sap	ui	2.0
sap	ui	7.40
sap	ui	7.50
sap	ui	7.51
sap	ui	7.52
sap	ui5	1.00
sap	ui5_java	7.30
sap	ui5_java	7.31
sap	ui5_java	7.40
sap	ui5_java	7.50

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:sap:hana_database:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "528C05CB-315F-465C-8C25-EF85AA7D19B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:hana_database:2.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C6CA542-7071-48B6-B135-3AE9B4BB1DC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:ui:2.0:*:*:*:*:netweaver_7.0:*:*",
              "matchCriteriaId": "BAC1FC47-D27B-4D31-B0CB-84CB75B9B314",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:ui:7.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "6A245CAD-2365-48F5-994D-65658825DA3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:ui:7.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD311636-17EB-4DEA-8A9B-9539B4B43C3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:ui:7.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AE480CB-D830-42D5-B297-3D5874AEFA36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:ui:7.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "830F67FF-0DEA-4B07-A3E0-CDCD01888DED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:ui5:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFBC9A13-184E-403D-9F4C-435A46A3F92A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:ui5_java:7.30:*:*:*:*:*:*:*",
              "matchCriteriaId": "500E7A87-9E8C-464D-9316-F4F2FDECFDA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:ui5_java:7.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "C959F430-EF52-48FE-838D-40B87019B61D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:ui5_java:7.40:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC625547-85B8-4E19-B7DC-32BC25603F3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sap:ui5_java:7.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01D0C09-61E9-48CE-8440-9513B79845B2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00"
    },
    {
      "lang": "es",
      "value": "SAP UI5 no valid\u00f3 las entradas de usuario antes de a\u00f1adirlas a la estructura DOM. Esto podr\u00eda conducir a que se a\u00f1ada al DOM c\u00f3digo JavaScript malicioso proporcionado por el usuario que podr\u00eda robar informaci\u00f3n del usuario. Los componentes de software afectados son: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52 y la versi\u00f3n 2.0 de SAP UI para SAP NetWeaver 7.00"
    }
  ],
  "id": "CVE-2018-2424",
  "lastModified": "2024-11-21T04:03:47.570",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "cna@sap.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-06-12T15:29:00.307",
  "references": [
    {
      "source": "cna@sap.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104459"
    },
    {
      "source": "cna@sap.com",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://launchpad.support.sap.com/#/notes/2538856"
    },
    {
      "source": "cna@sap.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/104459"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Vendor Advisory"
      ],
      "url": "https://launchpad.support.sap.com/#/notes/2538856"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
    }
  ],
  "sourceIdentifier": "cna@sap.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-5q23-7rqm-g3pj

Vulnerability from github

Published

2022-05-13 01:32

Modified

2022-05-13 01:32

Severity ?

7.5 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-2424"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-20"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-06-12T15:29:00Z",
    "severity": "HIGH"
  },
  "details": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00",
  "id": "GHSA-5q23-7rqm-g3pj",
  "modified": "2022-05-13T01:32:21Z",
  "published": "2022-05-13T01:32:21Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2424"
    },
    {
      "type": "WEB",
      "url": "https://launchpad.support.sap.com/#/notes/2538856"
    },
    {
      "type": "WEB",
      "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/104459"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

De multiples vulnérabilités ont été découvertes dans les produits SAP. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
SAP	N/A	SAP Business Objects Enterprise
SAP	N/A	SAP Internet Sales
SAP	N/A	SAP UI5 Handler
SAP	N/A	SAP Business Objects CMC, BI Launchpad, Friorified BI Launchpad
SAP	N/A	SAP UI5
SAP	N/A	SAP Business Client
SAP	N/A	SAP Identity Management
SAP	N/A	SAP Business One
SAP	N/A	SAP BASIS

References

Title

Publication Time

var-201806-1433

Vulnerability from variot

SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00. SAP UI5 is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201806-1433",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "ui",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "sap",
        "version": "7.52"
      },
      {
        "model": "ui",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "sap",
        "version": "7.51"
      },
      {
        "model": "ui",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "sap",
        "version": "7.50"
      },
      {
        "model": "ui",
        "scope": "eq",
        "trust": 2.7,
        "vendor": "sap",
        "version": "7.40"
      },
      {
        "model": "hana database",
        "scope": "eq",
        "trust": 2.4,
        "vendor": "sap",
        "version": "1.00"
      },
      {
        "model": "ui",
        "scope": "eq",
        "trust": 2.1,
        "vendor": "sap",
        "version": "2.0"
      },
      {
        "model": "ui5",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "sap",
        "version": "1.00"
      },
      {
        "model": "hana database",
        "scope": "eq",
        "trust": 1.8,
        "vendor": "sap",
        "version": "2.00"
      },
      {
        "model": "ui5 java",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sap",
        "version": "7.50"
      },
      {
        "model": "ui5 java",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sap",
        "version": "7.31"
      },
      {
        "model": "ui5 java",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sap",
        "version": "7.30"
      },
      {
        "model": "ui5 java",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "sap",
        "version": "7.40"
      },
      {
        "model": "ui",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sap",
        "version": "5 1.00"
      },
      {
        "model": "ui",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sap",
        "version": "5 java 7"
      },
      {
        "model": "ui",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sap",
        "version": "50"
      },
      {
        "model": "ui",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sap",
        "version": "5 java 7.30"
      },
      {
        "model": "ui",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sap",
        "version": "5 java 7.31"
      },
      {
        "model": "ui",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "sap",
        "version": "5 java 7.40"
      },
      {
        "model": "ui5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.50"
      },
      {
        "model": "ui5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.40"
      },
      {
        "model": "ui5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.31"
      },
      {
        "model": "ui5",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.30"
      },
      {
        "model": "netweaver",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "7.0"
      },
      {
        "model": "hana db",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "2.00"
      },
      {
        "model": "hana db",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "sap",
        "version": "1.00"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "104459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-735"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2424"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:sap:hana_database",
                "vulnerable": true
              },
              {
                "cpe22Uri": "cpe:/a:sap:ui",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "The vendor reported this issue.",
    "sources": [
      {
        "db": "BID",
        "id": "104459"
      }
    ],
    "trust": 0.3
  },
  "cve": "CVE-2018-2424",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "CVE-2018-2424",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "MEDIUM",
            "trust": 1.8,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-2424",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.8,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "cna@sap.com",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2018-2424",
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2018-2424",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "cna@sap.com",
            "id": "CVE-2018-2424",
            "trust": 1.0,
            "value": "CRITICAL"
          },
          {
            "author": "NVD",
            "id": "CVE-2018-2424",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201806-735",
            "trust": 0.6,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-735"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2424"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2424"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00. SAP UI5 is prone to an cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. \nRemote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the  context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-2424"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      },
      {
        "db": "BID",
        "id": "104459"
      }
    ],
    "trust": 1.89
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-2424",
        "trust": 2.7
      },
      {
        "db": "BID",
        "id": "104459",
        "trust": 1.9
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-735",
        "trust": 0.6
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "104459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-735"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2424"
      }
    ]
  },
  "id": "VAR-201806-1433",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VARIoT devices database",
        "id": null
      }
    ],
    "trust": 0.27111164
  },
  "last_update_date": "2024-11-23T23:08:38.602000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "June 2018 Security Releases",
        "trust": 0.8,
        "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255"
      },
      {
        "title": "SAP Hana DB , UI5  and UI Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=80900"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-735"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-20",
        "trust": 1.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2424"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.9,
        "url": "https://launchpad.support.sap.com/#/notes/2538856"
      },
      {
        "trust": 1.9,
        "url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=495289255"
      },
      {
        "trust": 1.6,
        "url": "http://www.securityfocus.com/bid/104459"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2424"
      },
      {
        "trust": 0.8,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-2424"
      },
      {
        "trust": 0.3,
        "url": "http://www.sap.com"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "104459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-735"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2424"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "BID",
        "id": "104459"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-735"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-2424"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-06-12T00:00:00",
        "db": "BID",
        "id": "104459"
      },
      {
        "date": "2018-08-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      },
      {
        "date": "2018-06-13T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201806-735"
      },
      {
        "date": "2018-06-12T15:29:00.307000",
        "db": "NVD",
        "id": "CVE-2018-2424"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-06-12T00:00:00",
        "db": "BID",
        "id": "104459"
      },
      {
        "date": "2018-08-24T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      },
      {
        "date": "2019-10-17T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201806-735"
      },
      {
        "date": "2024-11-21T04:03:47.570000",
        "db": "NVD",
        "id": "CVE-2018-2424"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-735"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "SAP UI5 Input validation vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-006576"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Input Validation Error",
    "sources": [
      {
        "db": "BID",
        "id": "104459"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201806-735"
      }
    ],
    "trust": 0.9
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2018-2424 (GCVE-0-2018-2424)

Vulnerability from cvelistv5

gsd-2018-2424

Vulnerability from gsd

cnvd-2018-11475

Vulnerability from cnvd

fkie_cve-2018-2424

Vulnerability from fkie_nvd

ghsa-5q23-7rqm-g3pj

Vulnerability from github

CERTFR-2018-AVI-291

Vulnerability from certfr_avis

Solution

var-201806-1433

Vulnerability from variot

Tags

Sightings

Nomenclature