CyberSec.Space Logo
Back to CVE Browser

CVE-2018-2487

HIGH
8.3
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile13.59th
PublishedNov 13, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

SAP Disclosure Management 10.x allows an attacker to exploit through a specially crafted zip file provided by users: When extracted in specific use cases, files within this zip file can land in different locations than the originally intended extraction point.

Affected Platforms (CPE)

πŸ“¦
Sap

Disclosure Management

= 10.1

References & Advisories

πŸ”— http://www.securityfocus.com/bid/105908
πŸ”— https://launchpad.support.sap.com/#/notes/2701410
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832
πŸ”— http://www.securityfocus.com/bid/105908
πŸ”— https://launchpad.support.sap.com/#/notes/2701410
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832

Related Vulnerabilities

CVE-2017-232010.0

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenti...

CVE-2009-309910.0

Unspecified vulnerability in HP OpenView Operations Manager 8.1 on Windows Server 2003 SP2 allows remote attackers to have an unkn...

CVE-2018-04269.8

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifu...

CVE-2018-120269.8

During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such ...