CyberSec.Space Logo
CVEブラウザに戻る

CVE-2018-2487

HIGH
8.3
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile13.59th
Published2018年11月13日
Last Modified2024年11月21日

Vulnerability Description

SAP Disclosure Management 10.x allows an attacker to exploit through a specially crafted zip file provided by users: When extracted in specific use cases, files within this zip file can land in different locations than the originally intended extraction point.

Affected Platforms (CPE)

📦
Sap

Disclosure Management

= 10.1

References & Advisories

🔗 http://www.securityfocus.com/bid/105908
🔗 https://launchpad.support.sap.com/#/notes/2701410
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832
🔗 http://www.securityfocus.com/bid/105908
🔗 https://launchpad.support.sap.com/#/notes/2701410
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832

関連する脆弱性情報

CVE-2017-232010.0

A vulnerability in Juniper Networks NorthStar Controller Application prior to version 2.1.0 Service Pack 1 may allow an unauthenti...

CVE-2009-309910.0

Unspecified vulnerability in HP OpenView Operations Manager 8.1 on Windows Server 2003 SP2 allows remote attackers to have an unkn...

CVE-2018-04269.8

A vulnerability in the web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifu...

CVE-2018-120269.8

During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such ...