CVE-2018-2478 is a vulnerability in SAP Basis
Published on November 13, 2018

An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the <sid>adm user. The commands executed depend upon the privileges of the <sid>adm user.

NVD

Products Associated with CVE-2018-2478

Want to know whenever a new CVE is published for SAP Basis? stack.watch will email you.

SAP Basis

Affected Versions

SAP Basis (TREX / BWA installation):

Version = 7.0 to 7.02 is affected.
Version = 7.10 to 7.11 is affected.
Version = 7.30 is affected.
Version = 7.31 is affected.
Version = 7.40 is affected.
Version = 7.50 to 7.53 is affected.

Exploit Probability

EPSS

0.30%

Percentile

53.12%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-2478 is a vulnerability in SAP BasisPublished on November 13, 2018

Products Associated with CVE-2018-2478

Affected Versions

Exploit Probability

CVE-2018-2478 is a vulnerability in SAP Basis
Published on November 13, 2018