Multiple vulnerabilities in SAP products
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2018-2381 CVE-2018-2364 CVE-2018-2370 CVE-2018-2371 |
| CWE-ID | CWE-862 CWE-79 CWE-918 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
SAP ERP Client/Desktop applications / Software for system administration SAP WebIntelligence BI LaunchPad Client/Desktop applications / Software for system administration SAP CRM Web applications / CRM systems SAP NetWeaver Server applications / Application servers |
| Vendor | SAP |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Privilege escalation
EUVDB-ID: #VU10600
Risk: Low
CVSSv4.0: 6.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-2381
CWE-ID:
CWE-862 - Missing Authorization
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges on the target system.
The vulnerability exists due to the failure to perform necessary authorization checks for an authenticated user. A local attacker can gain unauthorized access and obtain sensitive information. Mitigation
Install update from vendor's website.
Vulnerable software versionsSAP ERP: SAP_APPL 6.00 - S4CORE 1.02
CPE2.3- cpe:2.3:a:sap:sap_erp:SAP_APPL 6.00:*:*:*:*:*:*:*
- cpe:2.3:a:sap:sap_erp:SAP_APPL 6.02:*:*:*:*:*:*:*
- cpe:2.3:a:sap:sap_erp:SAP_APPL 6.03:*:*:*:*:*:*:*
https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Cross-site scripting
EUVDB-ID: #VU10634
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-2364
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsSAP CRM: S4FND 1.02 - 8.01
CPE2.3- cpe:2.3:a:sap:sap_crm:S4FND 1.02:*:*:*:*:*:*:*
- cpe:2.3:a:sap:sap_crm:7.01:*:*:*:*:*:*:*
- cpe:2.3:a:sap:sap_crm:7.31:*:*:*:*:*:*:*
https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Server-side request forgery
EUVDB-ID: #VU10638
Risk: Low
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-2370
CWE-ID:
CWE-918 - Server-Side Request Forgery (SSRF)
Exploit availability: No
DescriptionThe vulnerability allows a remote user to perform SSRF-attack on the target system.
The weakness exists due to insufficient validation of user-supplied input. A remote attacker can use common techniques to determine which ports are in use on the backend server and perform server-sire request forgery attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsSAP WebIntelligence BI LaunchPad: 4.10 - 4.30
CPE2.3- cpe:2.3:a:sap:sap_webintelligence_bi_launchpad:4.10:*:*:*:*:*:*:*
- cpe:2.3:a:sap:sap_webintelligence_bi_launchpad:4.20:*:*:*:*:*:*:*
- cpe:2.3:a:sap:sap_webintelligence_bi_launchpad:4.30:*:*:*:*:*:*:*
https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Cross-site scripting
EUVDB-ID: #VU10640
Risk: Low
CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-2371
CWE-ID:
CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Exploit availability: No
DescriptionThe disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
MitigationInstall update from vendor's website.
Vulnerable software versionsSAP NetWeaver: 7.50
CPE2.3 External linkshttps://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
