CVE-2018-2441 — SAP Change AND Transport System vulnerability

3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.3%

top 48.69%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP Change AND Transport System SAP Kernel

Timeline

PublishedAug 14

Latest updateMay 13

Description

Under certain conditions the SAP Change and Transport System (ABAP), SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49, 7.53 and 7.73, allows an attacker to transport information which would otherwise be restricted.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:NExploitability: 1.2 | Impact: 4.2

Affected Packages2 packages

▶NVDsap/sap_kernel8 versions+7

▶CVEListV5sap/sap_change_and_transport_system5 versions+4

🔴Vulnerability Details

GHSA

GHSA-g7rm-g8wr-rrp7: Under certain conditions the SAP Change and Transport System (ABAP), SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicod↗2022-05-13

▶

CVEList

CVE-2018-2441: Under certain conditions the SAP Change and Transport System (ABAP), SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicod↗2018-08-14

▶