CVE-2018-2416

Severity

5.4MEDIUM

EPSS

0.7%

top 26.89%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMay 9

Latest updateMay 14

Description

SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XML document accepted from an untrusted source.

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:LExploitability: 2.8 | Impact: 2.5

GHSA

GHSA-f95c-99jv-mf4r: SAP Identity Management 7↗2022-05-14

▶

CVEList

CVE-2018-2416: SAP Identity Management 7↗2018-05-09

▶