Vulnerabilities > SAP > Internet Graphics Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-07-10 CVE-2018-2439 Improper Input Validation vulnerability in SAP Internet Graphics Server
The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has insufficient request validation (for example, where the request is validated for authenticity and validity) and under certain conditions, will process invalid requests.
network
high complexity
sap CWE-20
5.9
2018-02-14 CVE-2018-2396 Unspecified vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, using IGS Interpreter service.
network
low complexity
sap
6.5
2018-02-14 CVE-2018-2394 Unspecified vulnerability in SAP Internet Graphics Server
Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, services and/or system files.
network
low complexity
sap
6.5
2018-02-14 CVE-2018-2391 Unspecified vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS portwatcher service.
network
low complexity
sap
6.5
2018-02-14 CVE-2018-2390 Unspecified vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS Chart service.
network
low complexity
sap
6.5
2018-02-14 CVE-2018-2389 Improper Encoding or Escaping of Output vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important information in the log file.
network
low complexity
sap CWE-116
5.7
2018-02-14 CVE-2018-2388 Cross-site Scripting vulnerability in SAP Internet Graphics Server
Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53.
network
low complexity
sap CWE-79
6.1
2018-02-14 CVE-2018-2387 Unspecified vulnerability in SAP Internet Graphics Server
A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not available to the user otherwise.
network
low complexity
sap
6.5
2018-02-14 CVE-2018-2386 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53.
network
low complexity
sap CWE-119
6.5
2018-02-14 CVE-2018-2385 Divide By Zero vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.
network
low complexity
sap CWE-369
6.5