CVE-2018-2494
Summary
| CVE | CVE-2018-2494 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-12-11 22:29:00 UTC |
| Updated | 2019-10-03 00:03:00 UTC |
| Description | Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform. |
Risk And Classification
Problem Types: CWE-863
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Sap | Business Application Software Integrated Solution | 7.31 | All | All | All |
| Application | Sap | Business Application Software Integrated Solution | 7.40 | All | All | All |
| Application | Sap | Business Application Software Integrated Solution | 7.31 | All | All | All |
| Application | Sap | Business Application Software Integrated Solution | 7.40 | All | All | All |
| Application | Sap | Business Application Software Integrated Solution | All | All | All | All |
| Application | Sap | Business Application Software Integrated Solution | All | All | All | All |
| Application | Sap | Business Application Software Integrated Solution | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| SAP Security Patch Day – December 2018 - Product Security Response at SAP - SCN Wiki | MISC | wiki.scn.sap.com | Vendor Advisory |
| launchpad.support.sap.com | MISC | launchpad.support.sap.com | Permissions Required, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.