SAP Business One For Android CVE-2018-2460 Certificate Validation Security Bypass Vulnerability
BID:105309
CVE-2018-2460 |Info
SAP Business One For Android CVE-2018-2460 Certificate Validation Security Bypass Vulnerability
| Bugtraq ID: | 105309 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-2460 |
| Remote: | Yes |
| Local: | No |
| Published: | Sep 11 2018 12:00AM |
| Updated: | Sep 11 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
SAP Business One for Android 1.2 |
| Not Vulnerable: | |
Discussion
SAP Business One For Android CVE-2018-2460 Certificate Validation Security Bypass Vulnerability
SAP Business One For Android is prone to a security-bypass vulnerability.
Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks and bypass certain security restrictions. This may aid in further attacks.
SAP Business One For Android is prone to a security-bypass vulnerability.
Successfully exploiting this issue allows attackers to perform man-in-the-middle attacks and bypass certain security restrictions. This may aid in further attacks.
Exploit / POC
SAP Business One For Android CVE-2018-2460 Certificate Validation Security Bypass Vulnerability
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution / Fix
SAP Business One For Android CVE-2018-2460 Certificate Validation Security Bypass Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
SAP Business One For Android CVE-2018-2460 Certificate Validation Security Bypass Vulnerability
References:
References:
- SAP Homepage (SAP)
- SAP Security Note 2682503 (SAP)
- SAP Security Patch Day �?? September 2018 (SAP)