Vulnerabilities > SAP

DATE CVE VULNERABILITY TITLE RISK
2018-02-14 CVE-2018-2392 XXE vulnerability in SAP Internet Graphics Server
Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.
network
low complexity
sap CWE-611
7.5
2018-02-14 CVE-2018-2391 Unspecified vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS portwatcher service.
network
low complexity
sap
6.5
2018-02-14 CVE-2018-2390 Unspecified vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS Chart service.
network
low complexity
sap
6.5
2018-02-14 CVE-2018-2389 Improper Encoding or Escaping of Output vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important information in the log file.
network
low complexity
sap CWE-116
5.7
2018-02-14 CVE-2018-2388 Cross-site Scripting vulnerability in SAP Internet Graphics Server
Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53.
network
low complexity
sap CWE-79
6.1
2018-02-14 CVE-2018-2387 Unspecified vulnerability in SAP Internet Graphics Server
A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not available to the user otherwise.
network
low complexity
sap
6.5
2018-02-14 CVE-2018-2386 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53.
network
low complexity
sap CWE-119
6.5
2018-02-14 CVE-2018-2385 Divide By Zero vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.
network
low complexity
sap CWE-369
6.5
2018-02-14 CVE-2018-2384 NULL Pointer Dereference vulnerability in SAP Internet Graphics Server
Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services.
network
low complexity
sap CWE-476
6.5
2018-02-14 CVE-2018-2383 Cross-site Scripting vulnerability in SAP Internet Graphics Server
Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53.
network
low complexity
sap CWE-79
6.1