CVE-2018-2400

Опубликовано: 14 мар. 2018

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

Under certain conditions SAP Business Process Automation (BPA) By Redwood, 9.00, 9.10, allows an attacker to access information which would otherwise be restricted.

Ссылки

http://www.securityfocus.com/bid/103375
Third Party Advisory
VDB Entry
https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/
Vendor Advisory
https://launchpad.support.sap.com/#/notes/2596535
Permissions Required
http://www.securityfocus.com/bid/103375
Third Party Advisory
VDB Entry
https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/
Vendor Advisory
https://launchpad.support.sap.com/#/notes/2596535
Permissions Required

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redwood:sap_business_process_automation:9.00:*:*:*:*:*:*:*

cpe:2.3:a:redwood:sap_business_process_automation:9.10:*:*:*:*:*:*:*

EPSS

Процентиль: 55%

0.00329

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-gg5g-p469-j5vr