Privilege Escalation Vulnerability in SAP Disclosure Management by SAP
CVE-2018-2413

5.4MEDIUM

Key Information:

Vendor: SAP
Status: SAP Disclosure Management
Vendor: CVE Published:; 10 April 2018

🔔 Create SAP Vulnerability Alert

What is CVE-2018-2413?

SAP Disclosure Management 10.1 has a vulnerability due to insufficient authorization checks for authenticated users. This flaw allows attackers to escalate their privileges, gaining unauthorized access to sensitive operations and data. Proper validation is crucial in mitigating this security risk and protecting organizational data integrity.

Affected Version(s)

SAP Disclosure Management 10.1

References

https://launchpad.support.sap.com/#/notes/2614501

x_refsource_MISC

https://blogs.sap.com/2018/04/10/sap-security-patch-day-a...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/103727

vdb-entryx_refsource_BID

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 10, 2018
Vulnerability Reserved
Dec 15, 2017

.

CVE-2018-2413 : Privilege Escalation Vulnerability in SAP Disclosure Management by SAP