Vulnerabilities > SAP > Internet Graphics Server > High

DATE CVE VULNERABILITY TITLE RISK
2018-08-14 CVE-2018-2442 Cross-Site Request Forgery (CSRF) vulnerability in SAP products
In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details captured by an HTTP analysis tool could be reused in a HTML page while the user session is still valid.
network
low complexity
sap CWE-352
8.8
2018-07-10 CVE-2018-2438 Unspecified vulnerability in SAP Internet Graphics Server
The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
network
low complexity
sap
7.5
2018-05-09 CVE-2018-2423 Unspecified vulnerability in SAP Internet Graphics Server
SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, HTTP and RFC listener allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
network
low complexity
sap
7.5
2018-05-09 CVE-2018-2422 Unspecified vulnerability in SAP Internet Graphics Server
SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
network
low complexity
sap
7.5
2018-05-09 CVE-2018-2421 Unspecified vulnerability in SAP Internet Graphics Server
SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
network
low complexity
sap
7.5
2018-02-14 CVE-2018-2395 Unspecified vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, overwrite existing image or corrupt other type of files.
network
low complexity
sap
8.8
2018-02-14 CVE-2018-2393 XXE vulnerability in SAP Internet Graphics Server
Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.
network
low complexity
sap CWE-611
7.5
2018-02-14 CVE-2018-2392 XXE vulnerability in SAP Internet Graphics Server
Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.
network
low complexity
sap CWE-611
7.5