CVE-2018-2436

Summary

Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

Affected Software

VendorProductVersion RangeStatus
SAPSAP R/3 Enterprise Retail= EHP6affected

Weaknesses

  • Missing Authentication

ADP Enrichment

CVE Program Container

Additional References

References