Unrated severityNVD Advisory· Published Nov 13, 2018· Updated Aug 5, 2024
CVE-2018-2478
CVE-2018-2478
Description
An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the adm user. The commands executed depend upon the privileges of the adm user.
Affected products
4- SAP/SAP Basis (TREX / BWA installation)v5Range: = 7.0 to 7.02
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/105904mitrevdb-entryx_refsource_BID
- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.