CVE-2018-2425

4 documents4 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 82.77%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SAP SE SAP Business ONESAP Business ONE
Timeline
PublishedJun 12
Latest updateMay 13

Description

Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.5 | Impact: 5.9

Affected Packages2 packages

NVDsap/business_one9.2, 9.3+1
CVEListV5sap_se/sap_business_one9.2, 9.3+1

🔴Vulnerability Details

2
GHSA
GHSA-9wmp-6fqg-fp67: Under certain conditions, SAP Business One, 92022-05-13
CVEList
CVE-2018-2425: Under certain conditions, SAP Business One, 92018-06-12

💬Community

1
Bugzilla
CVE-2017-12624 cxf: Improper size validation in message attachment header for JAX-WS and JAX-RS services2017-11-21
CVE-2018-2425 (MEDIUM CVSS 5.5) | Under certain conditions | cvebase.io