exploitDog

CVE-2018-2377

Опубликовано: 14 фев. 2018

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

In SAP HANA Extended Application Services, 1.0, some general server statistics and status information could be retrieved by unauthorized users.

Ссылки

https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
Vendor Advisory
https://launchpad.support.sap.com/#/notes/2589129
Permissions Required
https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
Vendor Advisory
https://launchpad.support.sap.com/#/notes/2589129
Permissions Required

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sap:hana_extended_application_services:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 52%

0.00294

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-33fh-7gm7-q4rf

CVSS3: 6.5

github

больше 3 лет назад

In SAP HANA Extended Application Services, 1.0, some general server statistics and status information could be retrieved by unauthorized users.

EPSS

Процентиль: 52%

0.00294

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-noinfo