CVE-2018-2441
Summary
| CVE | CVE-2018-2441 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-08-14 16:29:00 UTC |
| Updated | 2020-08-24 17:37:00 UTC |
| Description | Under certain conditions the SAP Change and Transport System (ABAP), SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49, 7.53 and 7.73, allows an attacker to transport information which would otherwise be restricted. |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sap | Sap Kernel | 7.21 | All | All | All |
| Application | Sap | Sap Kernel | 7.21ext | All | All | All |
| Application | Sap | Sap Kernel | 7.22 | All | All | All |
| Application | Sap | Sap Kernel | 7.22ext | All | All | All |
| Application | Sap | Sap Kernel | 7.45 | All | All | All |
| Application | Sap | Sap Kernel | 7.49 | All | All | All |
| Application | Sap | Sap Kernel | 7.53 | All | All | All |
| Application | Sap | Sap Kernel | 7.73 | All | All | All |
| Application | Sap | Sap Kernel | 7.21 | All | All | All |
| Application | Sap | Sap Kernel | 7.21ext | All | All | All |
| Application | Sap | Sap Kernel | 7.22 | All | All | All |
| Application | Sap | Sap Kernel | 7.22ext | All | All | All |
| Application | Sap | Sap Kernel | 7.45 | All | All | All |
| Application | Sap | Sap Kernel | 7.49 | All | All | All |
| Application | Sap | Sap Kernel | 7.53 | All | All | All |
| Application | Sap | Sap Kernel | 7.73 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| launchpad.support.sap.com | MISC | launchpad.support.sap.com | Permissions Required, Vendor Advisory |
| SAP Kernel and Change and Transport System CVE-2018-2441 Security Bypass Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| SAP Security Patch Day – August 2018 - Product Security Response at SAP - Community Wiki | CONFIRM | wiki.scn.sap.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.