Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-2424

SAP UI5 did not validate user input before adding it to the DOM structure. This may lead to malicious user-provided JavaScript code being added to the DOM that could steal user information. Software components affected are: SAP Hana Database 1.00, 2.00; SAP UI5 1.00; SAP UI5 (Java) 7.30, 7.31, 7.40, 7,50; SAP UI 7.40, 7.50, 7.51, 7.52, and version 2.0 of SAP UI for SAP NetWeaver 7.00
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 5.0
Products affected by CVE-2018-2424
  • Sap » Hana Database » Version: 1.00
    cpe:2.3:a:sap:hana_database:1.00
  • Sap » Hana Database » Version: 2.00
    cpe:2.3:a:sap:hana_database:2.00
  • Sap » Ui5 » Version: 1.00
    cpe:2.3:a:sap:ui5:1.00
  • Sap » Ui5 Java » Version: 7.30
    cpe:2.3:a:sap:ui5_java:7.30
  • Sap » Ui5 Java » Version: 7.31
    cpe:2.3:a:sap:ui5_java:7.31
  • Sap » Ui5 Java » Version: 7.40
    cpe:2.3:a:sap:ui5_java:7.40
  • Sap » Ui5 Java » Version: 7.50
    cpe:2.3:a:sap:ui5_java:7.50
  • Sap » Ui » Version: 2.0
    cpe:2.3:a:sap:ui:2.0
  • Sap » Ui » Version: 7.40
    cpe:2.3:a:sap:ui:7.40
  • Sap » Ui » Version: 7.50
    cpe:2.3:a:sap:ui:7.50
  • Sap » Ui » Version: 7.51
    cpe:2.3:a:sap:ui:7.51
  • Sap » Ui » Version: 7.52
    cpe:2.3:a:sap:ui:7.52


Products
Pricing
Contact Us

Shodan ® - All rights reserved