CVE-2018-2398

6.7MEDIUM

Key Information:

Vendor: SAP
Status: SAP Business Client
Vendor: CVE Published:; 14 March 2018

Summary

Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted.

Affected Version(s)

SAP Business Client 6.5

References

https://blogs.sap.com/2018/03/13/sap-security-patch-day-m...

x_refsource_CONFIRM

https://launchpad.support.sap.com/#/notes/2580967

x_refsource_CONFIRM

http://www.securityfocus.com/bid/103370

vdb-entryx_refsource_BID

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

Low

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Mar 14, 2018
Vulnerability Reserved
Dec 15, 2017

.