logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2018-2380

Description

SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.


Affected Software


CPE Name Name Version
sap:customer_relationship_management sap customer relationship management 7.33
sap:customer_relationship_management sap customer relationship management 7.01
sap:customer_relationship_management sap customer relationship management 7.02
sap:customer_relationship_management sap customer relationship management 7.30
sap:customer_relationship_management sap customer relationship management 7.31
sap:customer_relationship_management sap customer relationship management 7.54

Related