CyberSec.Space Logo
Back to CVE Browser

CVE-2018-2405

MEDIUM
5.4
CVSS Severity Score
EPSS Score0.1220%
EPSS Percentile20.68th
PublishedApr 10, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting.

Affected Platforms (CPE)

πŸ“¦
Sap

Solution Manager

= 7.10
πŸ“¦
Sap

Solution Manager

= 7.20

References & Advisories

πŸ”— http://www.securityfocus.com/bid/103703
πŸ”— https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/
πŸ”— https://launchpad.support.sap.com/#/notes/2372688
πŸ”— http://www.securityfocus.com/bid/103703
πŸ”— https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/
πŸ”— https://launchpad.support.sap.com/#/notes/2372688

Related Vulnerabilities

CVE-2020-2682110.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...

CVE-2020-2682210.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...

CVE-2020-636410.0

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to m...

CVE-2020-2682310.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...