CVE-2018-2462
Description
In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.
Risk Information
Base Score
8.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.628
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 7.40 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 7.30 | Windows |
| Vulnerabilities CVE-2018-2462 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 7.31 | Windows |
| Vulnerabilities CVE-2018-2462 are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 7.41 | Windows |
| Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 7.50 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234