CVE-2018-2386

CWE-119 — Buffer Overflow3 documents3 sources

Severity

6.5MEDIUM

EPSS

0.4%

top 36.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP SE SAP Internet Graphics Server SAP Internet Graphics Server

Timeline

PublishedFeb 14

Latest updateMay 14

Description

Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶NVDsap/internet_graphics_server5 versions+4

▶CVEListV5sap_se/sap_internet_graphics_server5 versions+4

🔴Vulnerability Details

GHSA

GHSA-hfxm-c2j4-5j5g: Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Grap↗2022-05-14

▶

CVEList

CVE-2018-2386: Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Grap↗2018-02-14

▶