Vulnerability Details CVE-2018-2368
SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7.31, 7.40, does not perform any authentication checks for functionalities that require user identity.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.032
EPSS Ranking 86.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/103000
- https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
- https://launchpad.support.sap.com/#/notes/2565622
- http://www.securityfocus.com/bid/103000
- https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
- https://launchpad.support.sap.com/#/notes/2565622
Products affected by CVE-2018-2368
-
cpe:2.3:a:sap:netweaver_system_landscape_directory:7.10
-
cpe:2.3:a:sap:netweaver_system_landscape_directory:7.20
-
cpe:2.3:a:sap:netweaver_system_landscape_directory:7.30
-
cpe:2.3:a:sap:netweaver_system_landscape_directory:7.31
-
cpe:2.3:a:sap:netweaver_system_landscape_directory:7.40