SAP NetWeaver CVE-2018-2503 Information Disclosure Vulnerability
BID:106156
CVE-2018-2503 |Info
SAP NetWeaver CVE-2018-2503 Information Disclosure Vulnerability
| Bugtraq ID: | 106156 |
| Class: | Input Validation Error |
| CVE: |
CVE-2018-2503 |
| Remote: | Yes |
| Local: | No |
| Published: | Dec 11 2018 12:00AM |
| Updated: | Dec 11 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
SAP NetWeaver 7.50 SAP NetWeaver 7.40 SAP NetWeaver 7.31 SAP NetWeaver 7.30 SAP NetWeaver 7.20 SAP NetWeaver 7.11 |
| Not Vulnerable: | |
Discussion
SAP NetWeaver CVE-2018-2503 Information Disclosure Vulnerability
SAP NetWeaver is prone to an information disclosure vulnerability.
An attacker can exploit this issue to gain sensitive information, that may aid in further attacks.
NetWeaver 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 are vulnerable.
SAP NetWeaver is prone to an information disclosure vulnerability.
An attacker can exploit this issue to gain sensitive information, that may aid in further attacks.
NetWeaver 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 are vulnerable.
Exploit / POC
SAP NetWeaver CVE-2018-2503 Information Disclosure Vulnerability
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]
Solution / Fix
SAP NetWeaver CVE-2018-2503 Information Disclosure Vulnerability
Solution:
Updates are available. Please see the references or vendor advisory for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
References
SAP NetWeaver CVE-2018-2503 Information Disclosure Vulnerability
References:
References:
- SAP Homepage (SAP)
- SAP Security Note 2658279 (SAP)
- SAP Security Patch Day �?? December 2018 (SAP)