CVE-2018-2389

Summary

Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important information in the log file.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Internet Graphics Server7.20affected
SAP SESAP Internet Graphics Server7.20EXTaffected
SAP SESAP Internet Graphics Server7.45affected
SAP SESAP Internet Graphics Server7.49affected
SAP SESAP Internet Graphics Server7.53affected

Weaknesses

  • Log Injection

ADP Enrichment

CVE Program Container

Additional References

References