CVE-2018-2382SE SAP Internet Graphics Server vulnerability

3 documents3 sources
Severity
6.5MEDIUMNVD
EPSS
0.3%
top 50.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SAP SE SAP Internet Graphics ServerSAP Internet Graphics Server
Timeline
PublishedFeb 14
Latest updateMay 13

Description

A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a controlled area and as such gain information from system area, which is not available to the user otherwise.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

CVEListV5sap_se/sap_internet_graphics_server5 versions+4

🔴Vulnerability Details

2
GHSA
GHSA-rrm7-4ggr-h2fp: A vulnerability in the SAP internet Graphics Server, 72022-05-13
CVEList
CVE-2018-2382: A vulnerability in the SAP internet Graphics Server, 72018-02-14
CVE-2018-2382 — MEDIUM severity | cvebase