CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2018-2375

HIGH
8.1
CVSS Severity Score
EPSS Score0.0170%
EPSS Percentile14.07th
Published2018年2月14日
Last Modified2024年11月21日

Vulnerability Description

In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space.

Affected Platforms (CPE)

📦
Sap

Hana Extended Application Services

= 1.0

References & Advisories

🔗 https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
🔗 https://launchpad.support.sap.com/#/notes/2589129
🔗 https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
🔗 https://launchpad.support.sap.com/#/notes/2589129

相關漏洞威脅

CVE-2015-131110.0

The Extended Application Services (XS) in SAP HANA allows remote attackers to inject arbitrary ABAP code via unspecified vectors, ...

CVE-2019-02619.8

Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication ...

CVE-2018-23768.1

In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could ret...

CVE-2019-02667.5

Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of p...