CyberSec.Space Logo
Back to CVE Browser

CVE-2018-2376

HIGH
8.1
CVSS Severity Score
EPSS Score0.1030%
EPSS Percentile34.16th
PublishedFeb 14, 2018
Last ModifiedNov 21, 2024

Vulnerability Description

In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space.

Affected Platforms (CPE)

πŸ“¦
Sap

Hana Extended Application Services

= 1.0

References & Advisories

πŸ”— https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
πŸ”— https://launchpad.support.sap.com/#/notes/2589129
πŸ”— https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
πŸ”— https://launchpad.support.sap.com/#/notes/2589129

Related Vulnerabilities

CVE-2015-131110.0

The Extended Application Services (XS) in SAP HANA allows remote attackers to inject arbitrary ABAP code via unspecified vectors, ...

CVE-2019-02619.8

Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication ...

CVE-2018-23758.1

In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could ret...

CVE-2019-02667.5

Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of p...