Vulnerabilities > CVE-2018-2428 - Unspecified vulnerability in SAP Infrastructure and UI
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |
References
- http://www.securityfocus.com/bid/104446
- http://www.securityfocus.com/bid/104446
- https://launchpad.support.sap.com/#/notes/2621121
- https://launchpad.support.sap.com/#/notes/2621121
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255