CVE-2018-2484 vulnerability in SAP Products
Published on January 8, 2019

SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

NVD

Products Associated with CVE-2018-2484

Want to know whenever a new CVE is published for SAP products? stack.watch will email you.

SAP Bankcfm

SAP Ea Finserv

SAP S4score

Sapscore

SAP S4core

Affected Versions

SAP SE SAP Enterprise Financial Services (SAPSCORE):

Version < 1.13 is affected.
Version < 1.14 is affected.
Version < 1.15 is affected.

SAP SE SAP Enterprise Financial Services (S4CORE):

Version < 1.01 is affected.
Version < 1.02 is affected.
Version < 1.03 is affected.

SAP SE SAP Enterprise Financial Services (EA-FINSERV):

Version < 1.10 is affected.
Version < 2.0 is affected.
Version < 5.0 is affected.
Version < 6.0 is affected.
Version < 6.03 is affected.
Version < 6.04 is affected.
Version < 6.05 is affected.
Version < 6.06 is affected.
Version < 6.16 is affected.
Version < 6.17 is affected.
Version < 6.18 is affected.
Version < 8.0 is affected.

SAP SE SAP Enterprise Financial Services (Bank/CFM):

Version < 4.63_20 is affected.

Exploit Probability

EPSS

0.49%

Percentile

65.28%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-2484 vulnerability in SAP ProductsPublished on January 8, 2019

Products Associated with CVE-2018-2484

Affected Versions

Exploit Probability

CVE-2018-2484 vulnerability in SAP Products
Published on January 8, 2019