CVE-2018-2458

3 documents3 sources

Severity

7.5HIGH

EPSS

0.3%

top 44.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP SAP Business ONE SAP Business ONE

Timeline

PublishedSep 11

Latest updateMay 13

Description

Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an attacker to access information which would otherwise be restricted.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDsap/business_one9.2, 9.3+1

▶CVEListV5sap/sap_business_one9.2, 9.3+1

🔴Vulnerability Details

GHSA

GHSA-cvw5-vvpf-7r3m: Under certain conditions, Crystal Report using SAP Business One, versions 9↗2022-05-13

▶

CVEList

CVE-2018-2458: Under certain conditions, Crystal Report using SAP Business One, versions 9↗2018-09-11

▶