Vulnerability Details CVE-2018-2428
Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.0%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- http://www.securityfocus.com/bid/104446
- https://launchpad.support.sap.com/#/notes/2621121
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255
- http://www.securityfocus.com/bid/104446
- https://launchpad.support.sap.com/#/notes/2621121
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255
Products affected by CVE-2018-2428
-
cpe:2.3:a:sap:infrastructure:1.0
-
cpe:2.3:a:sap:ui:2.0
-
cpe:2.3:a:sap:ui:7.4
-
cpe:2.3:a:sap:ui:7.5
-
cpe:2.3:a:sap:ui:7.51
-
cpe:2.3:a:sap:ui:7.52