Insufficient Request Validation in SAP Internet Graphics Server
CVE-2018-2439
5.9MEDIUM
What is CVE-2018-2439?
The SAP Internet Graphics Server (IGS) exhibits a vulnerability due to insufficient request validation across various components, including the HTTP and RFC listeners, as well as during multiplexer portwatcher registration. This flaw enables the server to process malformed requests under specific conditions, potentially leading to a crash and service disruption. Organizations using vulnerable versions should implement necessary safeguards to prevent exploitation.
Affected Version(s)
SAP Internet Graphics Server (IGS) = 7.20 = 7.20
SAP Internet Graphics Server (IGS) = 7.20EXT = 7.20EXT
SAP Internet Graphics Server (IGS) = 7.45 = 7.45