- Added submission from SAP from 2018-02-13.

CVE Team 2018-02-14 06:33:39 -05:00
parent e9654384da
commit d799a2e44c
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
28 changed files with 1659 additions and 84 deletions

@ -1,8 +1,67 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2364",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP CRM WebClient UI",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.01"
},
{
"version_affected" : "=",
"version_value" : "7.31"
},
{
"version_affected" : "=",
"version_value" : "7.46"
},
{
"version_affected" : "=",
"version_value" : "7.47"
},
{
"version_affected" : "=",
"version_value" : "7.48"
},
{
"version_affected" : "=",
"version_value" : "8.00"
},
{
"version_affected" : "=",
"version_value" : "8.01"
}
]
}
},
{
"product_name" : "S4FND",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "1.02"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +70,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "SAP CRM WebClient UI 7.01, 7.31, 7.46, 7.47, 7.48, 8.00, 8.01, S4FND 1.02, does not sufficiently validate and/or encode hidden fields, resulting in Cross-Site Scripting (XSS) vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2541700"
}
]
}

@ -1,8 +1,36 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2369",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP HANA",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "1.00"
},
{
"version_affected" : "=",
"version_value" : "2.00"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +39,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions SAP HANA, 1.00, 2.00, allows an unauthenticated attacker to access information which would otherwise be restricted. An attacker can misuse the authentication function of the SAP HANA server on its SQL interface and disclose 8 bytes of the server process memory. The attacker cannot influence or predict the location of the leaked memory."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2572940"
}
]
}

@ -1,8 +1,40 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2370",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP BI Launchpad",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "4.00"
},
{
"version_affected" : "=",
"version_value" : "from 4.20"
},
{
"version_affected" : "=",
"version_value" : "from 4.30"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +43,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Server Side Request Forgery(SSRF) vulnerability in SAP Central Management Console, BI Launchpad and Fiori BI Launchpad, 4.10, from 4.20, from 4.30, could allow a malicious user to use common techniques to determine which ports are in use on the backend server."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Server Side Request Forgery (SSRF)"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2493727"
}
]
}
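Review bot: The `version_data` entries for "SAP BI Launchpad" do not agree with the description added further down in this section: the structured list starts at `"version_value" : "4.00"` while the description says 4.10, and `"from 4.20"` / `"from 4.30"` are range expressions stored under `"version_affected" : "="`. A consumer that matches installed versions against `version_data` by exact comparison would not flag 4.10 or any release after 4.20 or 4.30. The description also names Central Management Console and Fiori BI Launchpad, which have no `product_data` entry. I would confirm the first affected version against SAP note 2493727 and express the ranges with a range operator, e.g. `"version_affected" : ">="` with `"version_value" : "4.20"`.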

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2371",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP NetWeaver Java Web Application",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.50"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "The SAML 2.0 service provider of SAP NetweaverAS Java Web Application, 7.50, does not sufficiently encode user controlled inputs, which results in Cross-Site Scripting (XSS) vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting (XSS)"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2560741"
}
]
}

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2372",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP HANA Extended Application Services",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "1.0"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A plain keystore password is written to a system log file in SAP HANA Extended Application Services, 1.0, which could endanger confidentiality of SSL communication."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2589129"
}
]
}

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2373",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP HANA Extended Application Services",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "1.0"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain circumstances, a specific endpoint of the Controller's API could be misued by unauthenticated users to execute SQL statements that deliver information about system configuration in SAP HANA Extended Application Services, 1.0."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "SQL Injection"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2589129"
}
]
}
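Review bot: The description string added in this section misspells "misused" as `misued`. Every downstream feed that mirrors the record will carry the typo, and a keyword search for "misused" will miss this entry. The phrase should read `could be misused by unauthenticated users to execute SQL statements`.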

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2374",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP HANA Extended Application Services",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "1.0"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve sensitive application data like service bindings within that space."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2589129"
}
]
}

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2375",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP HANA Extended Application Services",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "1.0"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : " In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2589129"
}
]
}
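Review bot: The `value` added under `description_data` here is character-for-character identical to the one added for CVE-2018-2376 in the next file section, leading space included ("... could retrieve application environments within that space."). Two distinct IDs with the same description cannot be told apart when triaging against SAP note 2589129. One of the two texts is presumably a copy of the other and should be checked against the CNA's submission. Independently of that, the leading space should be dropped in both records: `"value" : "In SAP HANA Extended Application Services, 1.0, a controller user ..."`.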

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2376",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP HANA Extended Application Services",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "1.0"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : " In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2589129"
}
]
}

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2377",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP HANA Extended Application Services",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "1.0"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "In SAP HANA Extended Application Services, 1.0, some general server statistics and status information could be retrieved by unauthorized users."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2589129"
}
]
}

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2378",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP HANA Extended Application Services",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "1.0"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "In SAP HANA Extended Application Services, 1.0, unauthorized users can read statistical data about deployed applications including resource consumption."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2589129"
}
]
}

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2379",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP HANA Extended Application Services",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "1.0"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given username is valid by evaluating error messages of a specific endpoint."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2589129"
}
]
}

@ -1,8 +1,32 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2381",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP ERP Financials Information System",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "2.00"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +35,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16; SAP_FIN 6.17, 6.18, 7.00, 7.20, 7.30 S4CORE 1.00, 1.01, 1.02) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing Authorization Check"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2545842"
}
]
}
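Review bot: The structured `version_data` for "SAP ERP Financials Information System" holds a single `"version_value" : "2.00"`, a value that does not appear in the description added in the same section. The description instead enumerates component versions for SAP_APPL, SAP_FIN and S4CORE. Tooling that keys on `product_name` and `version_value` would therefore match none of the releases the advisory text calls affected. I would add one `product_data` entry per component (SAP_APPL, SAP_FIN, S4CORE) with its versions, in the way the CVE-2018-2364 section gives S4FND its own entry, and verify where "2.00" came from against SAP note 2545842.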

@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2382",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a controlled area and as such gain information from system area, which is not available to the user otherwise."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}

@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2383",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Reflected Cross-Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}
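Review bot: The `problemtype` string "Reflected Cross-Site Scripting" is a third spelling of the same weakness class in this commit. The CVE-2018-2364 and CVE-2018-2371 sections use "Cross-Site Scripting (XSS)", and the CVE-2018-2388 section uses "Cross-site Scripting" for a description that says "Stored". Free-text variants defeat grouping and filtering by weakness in anything that consumes these records. I would settle on one base form and carry the reflected/stored qualifier consistently, ideally with the CWE identifier, e.g. `"value" : "CWE-79 Cross-Site Scripting (Reflected)"`.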

@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2384",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-Service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}

@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2385",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-Service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}

@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2386",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-Service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}

@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2387",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not available to the user otherwise."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Information Disclosure"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}

@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2388",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}

@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2389",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important information in the log file."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Log Injection"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}

@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2390",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS Chart service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-Service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}

@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2391",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS portwatcher service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-Service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}


@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2392",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing XML Validation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}
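Review bot: The description and problemtype added for CVE-2018-2392 are word-for-word identical to those added for CVE-2018-2393 in the next file section, so a consumer of these records cannot tell which component or code path each ID covers, or confirm that both are addressed. If the referenced SAP note distinguishes the two issues, that distinguishing detail belongs in each `description_data` value. The problemtype `"Missing XML Validation"` is also vaguer than the description, which names XML External Entity handling; something like `"value" : "XML External Entity (XXE) processing"` would let downstream tooling map the record to CWE-611.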


@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2393",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Missing XML Validation"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}


@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2394",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, services and/or system files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-Service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}


@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2395",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, overwrite existing image or corrupt other type of files."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Unrestricted File Upload"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}
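Review bot: The new description for CVE-2018-2395 spells the product `SAP Internet Graphic Server (IGS)`, while `product_name` in the same record and the other IGS records visible here use `SAP Internet Graphics Server`. A text search on the product name will miss this entry, so the description should read `SAP Internet Graphics Server (IGS)`. The description also lists information retrieval alongside overwriting and corrupting files, but `problemtype_data` carries only `"Unrestricted File Upload"`. A second description entry such as `"Information Disclosure"` would keep the classification in line with the stated impact.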


@ -1,8 +1,48 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ASSIGNER" : "cna@sap.com",
"ID" : "CVE-2018-2396",
"STATE" : "RESERVED"
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "SAP Internet Graphics Server",
"version" : {
"version_data" : [
{
"version_affected" : "=",
"version_value" : "7.20"
},
{
"version_affected" : "=",
"version_value" : "7.20EXT"
},
{
"version_affected" : "=",
"version_value" : "7.45"
},
{
"version_affected" : "=",
"version_value" : "7.49"
},
{
"version_affected" : "=",
"version_value" : "7.53"
}
]
}
}
]
},
"vendor_name" : "SAP SE"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
@ -11,7 +51,29 @@
"description_data" : [
{
"lang" : "eng",
"value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value" : "Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, using IGS Interpreter service."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial-of-Service"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/"
},
{
"url" : "https://launchpad.support.sap.com/#/notes/2525222"
}
]
}