CVE-2018-2448

Summary

Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted.

Affected Software

VendorProductVersion RangeStatus
SAPSAP SRM-MDM CATALOG3.0affected
SAPSAP SRM-MDM CATALOG7.01affected
SAPSAP SRM-MDM CATALOG7.02affected

Weaknesses

  • Information Disclosure

ADP Enrichment

CVE Program Container

Additional References

References