Service Denial Vulnerability in SAP Internet Graphics Server by SAP
CVE-2018-2421

5.3MEDIUM

Key Information:

Vendor
SAP
Status
SAP Internet Graphics Server (igs)
Vendor
CVE Published:
9 May 2018

Summary

The SAP Internet Graphics Server (IGS) Portwatcher contains a vulnerability that could allow an attacker to disrupt service availability. This can be achieved by either crashing the service or overwhelming it with requests, which prevents legitimate users from accessing the affected service. Organizations using the specified versions of IGS should take immediate action to secure their systems against potential exploitation.

Affected Version(s)

SAP Internet Graphics Server (IGS) 7.20

SAP Internet Graphics Server (IGS) 7.20EXT

SAP Internet Graphics Server (IGS) 7.45

References

https://blogs.sap.com/2018/05/08/sap-security-patch-day-m...
x_refsource_CONFIRM
https://launchpad.support.sap.com/#/notes/2616599
x_refsource_MISC
http://www.securityfocus.com/bid/104111
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.