CVE-2018-2437

Summary

The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification.

Affected Software

VendorProductVersion RangeStatus
SAPSAP Internet Graphics Server (IGS)= 7.20affected
SAPSAP Internet Graphics Server (IGS)= 7.20EXTaffected
SAPSAP Internet Graphics Server (IGS)= 7.45affected
SAPSAP Internet Graphics Server (IGS)= 7.49affected
SAPSAP Internet Graphics Server (IGS)= 7.53affected

Weaknesses

  • Disclosure of information and malicious file insertion or modification.

ADP Enrichment

CVE Program Container

Additional References

References