Known Vulnerabilities
CVE-2018-2413
SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
MEDIUM
CVSS 5.4
Published Apr 10, 2018
CVE-2018-2403
Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to.
MEDIUM
CVSS 5.4
Published Apr 10, 2018
CVE-2018-2412
SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
LOW
CVSS 3.8
Published Apr 10, 2018
CVE-2018-2404
SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format validation.
MEDIUM
CVSS 4.3
Published Apr 10, 2018