Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2018-2478

UNKNOWN
Published 2018-11-13T20:00:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2018-2478. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the <sid>adm user. The commands executed depend upon the privileges of the <sid>adm user.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

SAP

SAP Basis (TREX / BWA installation)

Affected Versions:

= 7.0 to 7.02 = 7.10 to 7.11 = 7.30 = 7.31 = 7.40 = 7.50 to 7.53

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-wxfr-9w7h-p9c2

Advisory Details

An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the <sid>adm user. The commands executed depend upon the privileges of the <sid>adm user.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2018-2478
WEB https://launchpad.support.sap.com/#/notes/2675696
WEB https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832
WEB http://www.securityfocus.com/bid/105904

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

http://www.securityfocus.com/bid/105904
https://launchpad.support.sap.com/#/notes/2675696
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832
Published: 2018-11-13T20:00:00
Last Modified: 2024-08-05T04:21:33.607Z
Copied to clipboard!