Vulnerabilities > CVE-2018-2448 - Unspecified vulnerability in SAP Supplier Relationship Management MDM Catalog 3.0/7.01/7.02
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
References
- http://www.securityfocus.com/bid/105077
- http://www.securityfocus.com/bid/105077
- https://launchpad.support.sap.com/#/notes/2653846
- https://launchpad.support.sap.com/#/notes/2653846
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742