VYPR
Unrated severityNVD Advisory· Published Nov 13, 2018· Updated Aug 5, 2024

CVE-2018-2478

CVE-2018-2478

Description

An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the adm user. The commands executed depend upon the privileges of the adm user.

Affected products

4
  • SAP/BWAllm-create
  • SAP/Trexllm-fuzzy
  • SAP/BASISllm-fuzzy
    Range: 7.0-7.02, 7.10-7.11, 7.30, 7.31, 7.40, 7.50-7.53
  • SAP/SAP Basis (TREX / BWA installation)v5
    Range: = 7.0 to 7.02

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.