CVE-2018-2360

EUVD-2018-14215
SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
Affected Products (NVD)
VendorProductVersion
sapsap_kernel
7.45
sapsap_kernel
7.49
sapsap_kernel
7.52
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/102448
https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/
https://launchpad.support.sap.com/#/notes/2523961
http://www.securityfocus.com/bid/102448
https://blogs.sap.com/2018/01/09/sap-security-patch-day-january-2018/
https://launchpad.support.sap.com/#/notes/2523961