CVE-2018-2406

Summary

Unquoted windows search path (directory/path traversal) vulnerability in Crystal Reports Server, OEM Edition (CRSE), 4.0, 4.10, 4.20, 4.30, startup path.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Crystal Reports Server, OEM Edition4.0affected
SAP SESAP Crystal Reports Server, OEM Edition4.10affected
SAP SESAP Crystal Reports Server, OEM Edition4.20affected
SAP SESAP Crystal Reports Server, OEM Edition4.30affected

Weaknesses

  • Directory/Path Traversal

ADP Enrichment

CVE Program Container

Additional References

References