← voltar
CVE-2018-2363

CVE-2018-2363

EPSS 1.7%
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 1.7%KEV nãoPoC Patch
Ciclo de vida
09 jan 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by executing malicious code without legitimate credentials.
Produtos afetados
SAP SE · SAP NetWeaver

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/https://launchpad.support.sap.com/#/notes/1906212https://launchpad.support.sap.com/#/notes/2525392http://www.securityfocus.com/bid/102449