CVE-2018-2409

N/A

Description

Improper session management when using SAP Cloud Platform 2.0 (Connectivity Service and Cloud Connector). Under certain conditions, data of some other user may be shown or modified when using an application built on top of SAP Cloud Platform.

CVE Details

CVSS v3.1 ScoreN/A

Published4/10/2018

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

sap:cloud_platform

Weaknesses (CWE)

CWE-384

References

http://www.securityfocus.com/bid/103702(cna@sap.com)

https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/(cna@sap.com)

https://launchpad.support.sap.com/#/notes/2614141(cna@sap.com)

http://www.securityfocus.com/bid/103702(af854a3a-2127-422b-91ae-364da2661108)

https://blogs.sap.com/2018/04/10/sap-security-patch-day-april-2018/(af854a3a-2127-422b-91ae-364da2661108)

https://launchpad.support.sap.com/#/notes/2614141(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.