VYPR
High severity8.6NVD Advisory· Published Aug 14, 2018· Updated Jun 17, 2026

CVE-2018-2449

CVE-2018-2449

Description

SAP SRM MDM Catalog versions 3.73, 7.31, 7.32 in (SAP NetWeaver 7.3) - import functionality does not perform authentication checks for valid repository user. This is an unauthenticated functionality that you can use on windows machines to do SMB relaying.

Affected products

2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.