Description
SAML 2.0 functionality in SAP NetWeaver AS Java does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.
Affected Software
{"id": "CVE-2018-2492", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2018-2492", "description": "SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.", "published": "2018-12-11T22:29:00", "modified": "2021-04-20T19:21:00", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 5.5}, "severity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 4.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 4.2}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2492", "reporter": "cna@sap.com", "references": ["https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", "https://launchpad.support.sap.com/#/notes/2642680", "http://www.securityfocus.com/bid/106153"], "cvelist": ["CVE-2018-2492"], "immutableFields": [], "lastseen": "2022-03-23T16:34:00", "viewCount": 14, "enchantments": {"dependencies": {}, "score": {"value": 3.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "talos", "idList": ["SAP"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "sap netweaver 
application server java", "version": 7}, {"name": "sap netweaver application server java", "version": 7}, {"name": "sap netweaver application server java", "version": 7}, {"name": "sap netweaver application server java", "version": 7}, {"name": "sap netweaver application server java", "version": 7}]}, "vulnersScore": 3.7}, "_state": {"dependencies": 1659862649, "score": 1659805755, "affected_software_major_version": 1671579166}, "_internal": {"score_hash": "cdb4103134ebbe6cef754f73ecce51d7"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/a:sap:netweaver_application_server_java:7.20", "cpe:/a:sap:netweaver_application_server_java:7.40", "cpe:/a:sap:netweaver_application_server_java:7.31", "cpe:/a:sap:netweaver_application_server_java:7.30", "cpe:/a:sap:netweaver_application_server_java:7.50"], "cpe23": ["cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*"], "cwe": ["CWE-611"], "affectedSoftware": [{"cpeName": "sap:netweaver_application_server_java", "version": "7.20", "operator": "eq", "name": "sap netweaver application server java"}, {"cpeName": "sap:netweaver_application_server_java", "version": "7.30", "operator": "eq", "name": "sap netweaver application server java"}, {"cpeName": "sap:netweaver_application_server_java", "version": "7.31", "operator": "eq", "name": "sap netweaver application server java"}, {"cpeName": "sap:netweaver_application_server_java", "version": "7.40", "operator": "eq", "name": "sap netweaver application server java"}, {"cpeName": "sap:netweaver_application_server_java", "version": "7.50", "operator": "eq", "name": "sap netweaver application server java"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": 
[{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://launchpad.support.sap.com/#/notes/2642680", "name": "https://launchpad.support.sap.com/#/notes/2642680", "refsource": "MISC", "tags": ["Permissions Required"]}, {"url": "http://www.securityfocus.com/bid/106153", "name": "106153", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"]}]}
{}