Vulnerability Description
Under certain conditions SAP Mobile Secure Android client (before version 6.60.19942.0 SP28 1711) allows an attacker to access information which would otherwise be restricted.
CVSS Score
4.7
MEDIUM
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Sap | Mobile Secure | <= 6.60.19942.0 |
References
- http://www.securityfocus.com/bid/106157Third Party AdvisoryVDB Entry
- https://launchpad.support.sap.com/#/notes/2707024Permissions RequiredVendor Advisory
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699Vendor Advisory
- http://www.securityfocus.com/bid/106157Third Party AdvisoryVDB Entry
- https://launchpad.support.sap.com/#/notes/2707024Permissions RequiredVendor Advisory
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699Vendor Advisory
FAQ
What is CVE-2018-2500?
CVE-2018-2500 is a vulnerability with a CVSS score of 4.7 (MEDIUM). Under certain conditions SAP Mobile Secure Android client (before version 6.60.19942.0 SP28 1711) allows an attacker to access information which would otherwise be restricted.
How severe is CVE-2018-2500?
CVE-2018-2500 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-2500?
Check the references section above for vendor advisories and patch information. Affected products include: Sap Mobile Secure.