CyberSec.Space Logo
返回 CVE 浏览器

CVE-2018-2405

MEDIUM
5.4
CVSS Severity Score
EPSS Score0.1220%
EPSS Percentile20.68th
Published2018年4月10日
Last Modified2024年11月21日

Vulnerability Description

SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting.

Affected Platforms (CPE)

📦
Sap

Solution Manager

= 7.10
📦
Sap

Solution Manager

= 7.20

References & Advisories

🔗 http://www.securityfocus.com/bid/103703
🔗 https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/
🔗 https://launchpad.support.sap.com/#/notes/2372688
🔗 http://www.securityfocus.com/bid/103703
🔗 https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/
🔗 https://launchpad.support.sap.com/#/notes/2372688

相关漏洞威胁

CVE-2020-2682110.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...

CVE-2020-2682210.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...

CVE-2020-636410.0

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to m...

CVE-2020-2682310.0

SAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing ...