← volver
CVE-2018-2363

CVE-2018-2363

EPSS 1.7%
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 1.7%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
09 ene 2018Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by executing malicious code without legitimate credentials.
Productos afectados
SAP SE · SAP NetWeaver

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/https://launchpad.support.sap.com/#/notes/1906212https://launchpad.support.sap.com/#/notes/2525392http://www.securityfocus.com/bid/102449