CVE-2018-2408

Summary

Improper Session Management in SAP Business Objects, 4.0, from 4.10, from 4.20, 4.30, CMC/BI Launchpad/Fiorified BI Launchpad. In case of password change for a user, all other active sessions created using older password continues to be active.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Business Objects4.00affected
SAP SESAP Business Objectsfrom 4.10affected
SAP SESAP Business Objectsfrom 4.20affected
SAP SESAP Business Objects4.30affected

Weaknesses

  • Other

ADP Enrichment

CVE Program Container

Additional References

References