← Voltar para CVEs
CVE-2018-2449
N/ADescricao
SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on windows machines to do SMB relaying.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado8/14/2018
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0
Produtos afetados
sap:supplier_relationship_management_mdm_catalog
Fraquezas (CWE)
CWE-287
Referencias
http://www.securityfocus.com/bid/105079(cna@sap.com)
https://launchpad.support.sap.com/#/notes/2655250(cna@sap.com)
http://www.securityfocus.com/bid/105079(af854a3a-2127-422b-91ae-364da2661108)
https://launchpad.support.sap.com/#/notes/2655250(af854a3a-2127-422b-91ae-364da2661108)
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742(af854a3a-2127-422b-91ae-364da2661108)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.