CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-2389

Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important information in the log file.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.7%

CVSS Severity

CVSS v3 Score 5.7

CVSS v2 Score 4.0

References

https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
https://launchpad.support.sap.com/#/notes/2525222
https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
https://launchpad.support.sap.com/#/notes/2525222

Products affected by CVE-2018-2389

Sap » Internet Graphics Server » Version: 7.20

cpe:2.3:a:sap:internet_graphics_server:7.20
Sap » Internet Graphics Server » Version: 7.20ext

cpe:2.3:a:sap:internet_graphics_server:7.20ext
Sap » Internet Graphics Server » Version: 7.45

cpe:2.3:a:sap:internet_graphics_server:7.45
Sap » Internet Graphics Server » Version: 7.49

cpe:2.3:a:sap:internet_graphics_server:7.49
Sap » Internet Graphics Server » Version: 7.53

cpe:2.3:a:sap:internet_graphics_server:7.53

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-2389

Products

Pricing

Contact Us