Security Vulnerabilities - CVEs Published In September 2018
Under certain conditions, the Crystal Reports connection type used by SAP Business One, versions 9.2 and 9.3, allows an attacker to access information that would otherwise be restricted.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2018-09-11
Users of an SAP Mobile Platform (version 3.0) Offline OData application, which uses Offline OData-supplied delta tokens (which is on by default), occasionally receive some data values of a different user.
CVSS Score: 7.5 | EPSS Score: 0.004 | Published: 2018-09-11
SAP Business One Android application, version 1.2, does not properly verify the server certificate for HTTPS connections. This allows an attacker to perform a man-in-the-middle (MITM) attack.
CVSS Score: 5.9 | EPSS Score: 0.001 | Published: 2018-09-11
Missing authorization check in SAP HCM Fiori "People Profile" (GBX01 HR version 6.0) for an authenticated user, which may result in an escalation of privileges.
CVSS Score: 8.8 | EPSS Score: 0.005 | Published: 2018-09-11
In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31, 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.
CVSS Score: 8.8 | EPSS Score: 0.007 | Published: 2018-09-11
The Omni Commerce Connect API (OCC) of SAP Hybris Commerce, versions 6.*, is vulnerable to server-side request forgery (SSRF) attacks. This is due to a misconfiguration of the XML parser used in the server-side implementation of OCC.
CVSS Score: 8.6 | EPSS Score: 0.003 | Published: 2018-09-11
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code.
CVSS Score: 7.6 | EPSS Score: 0.003 | Published: 2018-09-11
A flaw was found in the 389 Directory Server that allows users to cause a crash in the LDAP server using ldapsearch with server-side sort.
CVSS Score: 6.5 | EPSS Score: 0.005 | Published: 2018-09-11
It was found that URLResource.getLastModified() in Undertow closes file descriptors only when they are finalized, which can cause file descriptor exhaustion. This leads to a file handle leak.
CVSS Score: 6.5 | EPSS Score: 0.007 | Published: 2018-09-11
Tendrl API in Red Hat Gluster Storage before 3.4.0 does not immediately remove session tokens after a user logs out. Session tokens remain active for a few minutes, allowing attackers to replay tokens acquired via sniffing/MITM attacks and authenticate as the target user.
CVSS Score: 4.2 | EPSS Score: 0.005 | Published: 2018-09-11
Shodan ® - All rights reserved