Vulnerabilities > CVE-2018-2403 - Unspecified vulnerability in SAP Disclosure Management 10.1

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

sap

NVD

Published: 2018-04-10

Updated: 2020-08-24

Summary

Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to.

Vulnerable Configurations

Part	Description	Count
Application	Sap SAP Disclosure Management 10.1	1

References

https://launchpad.support.sap.com/#/notes/2595800
https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/
http://www.securityfocus.com/bid/103727