All the vulnerabilites related to SAP - SAP Basis (AS ABAP of SAP NetWeaver)
cve-2018-2494
Vulnerability from cvelistv5
Published
2018-12-11 23:00
Modified
2024-08-05 04:21
Severity ?
EPSS score ?
Summary
Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | x_refsource_MISC | |
| https://launchpad.support.sap.com/#/notes/2698996 | x_refsource_MISC |
Impacted products
| Vendor | Product | Version | |||||
|---|---|---|---|---|---|---|---|
| ▼ | SAP | SAP Basis (AS ABAP of SAP NetWeaver) |
Version: = 7.00 to 7.02 Version: = 7.10 to 7.30 Version: = 7.31 Version: = 7.40 |
||||
|
|||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.075Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.support.sap.com/#/notes/2698996"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "SAP Basis (AS ABAP of SAP NetWeaver)",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "= 7.00 to 7.02"
},
{
"status": "affected",
"version": "= 7.10 to 7.30"
},
{
"status": "affected",
"version": "= 7.31"
},
{
"status": "affected",
"version": "= 7.40"
}
]
},
{
"product": "SAP Basis (ABAP Platform)",
"vendor": "SAP",
"versions": [
{
"status": "affected",
"version": "= 7.50 to 7.53"
}
]
}
],
"datePublic": "2018-12-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Missing Authorization Check",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-12-11T22:57:01",
"orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"shortName": "sap"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.support.sap.com/#/notes/2698996"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@sap.com",
"ID": "CVE-2018-2494",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "SAP Basis (AS ABAP of SAP NetWeaver)",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.00 to 7.02"
},
{
"version_name": "=",
"version_value": "7.10 to 7.30"
},
{
"version_name": "=",
"version_value": "7.31"
},
{
"version_name": "=",
"version_value": "7.40"
}
]
}
},
{
"product_name": "SAP Basis (ABAP Platform)",
"version": {
"version_data": [
{
"version_name": "=",
"version_value": "7.50 to 7.53"
}
]
}
}
]
},
"vendor_name": "SAP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Missing Authorization Check"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699",
"refsource": "MISC",
"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699"
},
{
"name": "https://launchpad.support.sap.com/#/notes/2698996",
"refsource": "MISC",
"url": "https://launchpad.support.sap.com/#/notes/2698996"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
"assignerShortName": "sap",
"cveId": "CVE-2018-2494",
"datePublished": "2018-12-11T23:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-08-05T04:21:34.075Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}