CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-2408

Improper Session Management in SAP Business Objects, 4.0, from 4.10, from 4.20, 4.30, CMC/BI Launchpad/Fiorified BI Launchpad. In case of password change for a user, all other active sessions created using older password continues to be active.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.6%

CVSS Severity

CVSS v3 Score 7.3

CVSS v2 Score 7.5

References

http://www.securityfocus.com/bid/103700
https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/
https://launchpad.support.sap.com/#/notes/2537150
http://www.securityfocus.com/bid/103700
https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/
https://launchpad.support.sap.com/#/notes/2537150

Products affected by CVE-2018-2408

Sap » Businessobjects » Version: 4.0

cpe:2.3:a:sap:businessobjects:4.0
Sap » Businessobjects » Version: 4.10

cpe:2.3:a:sap:businessobjects:4.10
Sap » Businessobjects » Version: 4.20

cpe:2.3:a:sap:businessobjects:4.20
Sap » Businessobjects » Version: 4.30

cpe:2.3:a:sap:businessobjects:4.30

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-2408

Products

Pricing

Contact Us