CVE-2018-2398

Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
sapbusiness_client
6.5
sapbusiness_client
6.5:patch_level1
sapbusiness_client
6.5:patch_level2
sapbusiness_client
6.5:patch_level3
sapbusiness_client
6.5:patch_level4
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/103370
https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/
https://launchpad.support.sap.com/#/notes/2580967
http://www.securityfocus.com/bid/103370
https://blogs.sap.com/2018/03/13/sap-security-patch-day-march-2018/
https://launchpad.support.sap.com/#/notes/2580967