VYPR
High severity8.8NVD Advisory· Published Sep 11, 2018· Updated Jun 17, 2026

CVE-2018-2462

CVE-2018-2462

Description

In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.

Affected products

2
  • SAP/Netweaverllm-fuzzy2 versions
    7.30, 7.31, 7.40, 7.41, 7.50+ 1 more
    • (no CPE)range: 7.30, 7.31, 7.40, 7.41, 7.50
    • (no CPE)range: = 7.30

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.