CVE-2018-2393

Summary

Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Internet Graphics Server7.20affected
SAP SESAP Internet Graphics Server7.20EXTaffected
SAP SESAP Internet Graphics Server7.45affected
SAP SESAP Internet Graphics Server7.49affected
SAP SESAP Internet Graphics Server7.53affected

Weaknesses

  • Missing XML Validation

ADP Enrichment

CVE Program Container

Additional References

References