High severity8.6NVD Advisory· Published Aug 14, 2018· Updated Jun 17, 2026
CVE-2018-2449
CVE-2018-2449
Description
SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on windows machines to do SMB relaying.
Affected products
2- Range: 3.73, 7.31, 7.32
- Range: 3.73
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/105079nvdThird Party AdvisoryVDB Entry
- launchpad.support.sap.comnvdPermissions RequiredVendor Advisory
- wiki.scn.sap.com/wiki/pages/viewpage.actionnvdVendor Advisory
News mentions
0No linked articles in our index yet.