Vulnerability Details CVE-2018-2360
SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.03
EPSS Ranking 86.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/102448
- https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/
- https://launchpad.support.sap.com/#/notes/2523961
- http://www.securityfocus.com/bid/102448
- https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/
- https://launchpad.support.sap.com/#/notes/2523961
Products affected by CVE-2018-2360
-
cpe:2.3:o:sap:sap_kernel:7.45
-
cpe:2.3:o:sap:sap_kernel:7.49
-
cpe:2.3:o:sap:sap_kernel:7.52