CVE-2018-2492

Description

SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.

Risk Information

Base Score

7.1

MODERATE

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

EPSS Score

Exploitation Probability

0.363

Associated Vulnerability

Vulnerability	OS Platform
Multiple Vulnerabilities are affected in SAP NetWeaver and ABAP Platform (Service Data Collection) 7.40	Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234