CVE-2018-2419 vulnerability in SAP Products
Published on May 9, 2018

SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

NVD

Products Associated with CVE-2018-2419

Want to know whenever a new CVE is published for SAP products? stack.watch will email you.

SAP Ea Finserv

SAP S4core

Sapscore

Affected Versions

SAP SE SAP Enterprise Financial Services (SAPSCORE):

Version 1.11 is affected.
Version 1.12 is affected.

SAP SE SAP Enterprise Financial Services (S4CORE):

Version 1.01 is affected.
Version 1.02 is affected.

SAP SE SAP Enterprise Financial Services (EA-FINSERV):

Version 6.04 is affected.
Version 6.05 is affected.
Version 6.06 is affected.
Version 6.16 is affected.
Version 6.17 is affected.
Version 6.18 is affected.
Version 8.0 is affected.

Exploit Probability

EPSS

0.18%

Percentile

39.86%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-2419 vulnerability in SAP ProductsPublished on May 9, 2018

Products Associated with CVE-2018-2419

Affected Versions

Exploit Probability

CVE-2018-2419 vulnerability in SAP Products
Published on May 9, 2018