CVE-2018-2459

3 documents3 sources

Severity

7.5HIGH

EPSS

0.3%

top 44.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP SAP Mobile Platform SAP Mobile Platform

Timeline

PublishedSep 11

Latest updateMay 13

Description

Users of an SAP Mobile Platform (version 3.0) Offline OData application, which uses Offline OData-supplied delta tokens (which is on by default), occasionally receive some data values of a different user.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

▶NVDsap/mobile_platform3.0

▶CVEListV5sap/sap_mobile_platform= 3.0

🔴Vulnerability Details

GHSA

GHSA-wh5r-wq66-pv8j: Users of an SAP Mobile Platform (version 3↗2022-05-13

▶

CVEList

CVE-2018-2459: Users of an SAP Mobile Platform (version 3↗2018-09-11

▶