Vulnerabilities > CVE-2018-2403 - Unspecified vulnerability in SAP Disclosure Management 10.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
References
- http://www.securityfocus.com/bid/103727
- http://www.securityfocus.com/bid/103727
- https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/
- https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/
- https://launchpad.support.sap.com/#/notes/2595800
- https://launchpad.support.sap.com/#/notes/2595800