Insufficient Resource Protection in SAP NetWeaver AS Java
CVE-2018-2503
7.4HIGH
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 11 December 2018
What is CVE-2018-2503?
The SAP NetWeaver AS Java keystore service presents a vulnerability that allows insufficient restriction of access to protected resources. This flaw may lead to unauthorized access, which could compromise sensitive information and overall system security. The issue has been addressed in the latest versions of SAP NetWeaver AS Java, where access control measures have been strengthened to mitigate potential exploitation.
Affected Version(s)
SAP NetWeaver AS Java (ServerCore) = 7.11 = 7.11
SAP NetWeaver AS Java (ServerCore) = 7.20 = 7.20
SAP NetWeaver AS Java (ServerCore) = 7.30 = 7.30