Vulnerability Description
Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Business Application Software Integrated Solution | >= 7.00, <= 7.02 |
Related Weaknesses (CWE)
References
- https://launchpad.support.sap.com/#/notes/2698996Permissions RequiredVendor Advisory
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699Vendor Advisory
- https://launchpad.support.sap.com/#/notes/2698996Permissions RequiredVendor Advisory
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699Vendor Advisory
FAQ
What is CVE-2018-2494?
CVE-2018-2494 is a vulnerability with a CVSS score of 8.0 (HIGH). Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Pl...
How severe is CVE-2018-2494?
CVE-2018-2494 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-2494?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Business Application Software Integrated Solution.