CVE-2018-2494

Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
sapCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 52%
VendorProductVersion
sapbusiness_application_software_integrated_solution
7.00 ≤
𝑥
≤ 7.02
sapbusiness_application_software_integrated_solution
7.10 ≤
𝑥
≤ 7.30
sapbusiness_application_software_integrated_solution
7.50 ≤
𝑥
≤ 7.53
sapbusiness_application_software_integrated_solution
7.31
sapbusiness_application_software_integrated_solution
7.40
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://launchpad.support.sap.com/#/notes/2698996
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699
https://launchpad.support.sap.com/#/notes/2698996
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699