CVE-2018-2492

2018-12-11T22:29:00

Description

SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.

Affected Software

CPE Name	Name	Version
sap:netweaver_application_server_java	sap netweaver application server java	7.20
sap:netweaver_application_server_java	sap netweaver application server java	7.30
sap:netweaver_application_server_java	sap netweaver application server java	7.31
sap:netweaver_application_server_java	sap netweaver application server java	7.40
sap:netweaver_application_server_java	sap netweaver application server java	7.50

{"id": "CVE-2018-2492", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2018-2492", "description": "SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.", "published": "2018-12-11T22:29:00", "modified": "2021-04-20T19:21:00", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "SINGLE", "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 5.5}, "severity": "MEDIUM", "exploitabilityScore": 8.0, "impactScore": 4.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH"}, "exploitabilityScore": 2.8, "impactScore": 4.2}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2492", "reporter": "cna@sap.com", "references": ["https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", "https://launchpad.support.sap.com/#/notes/2642680", "http://www.securityfocus.com/bid/106153"], "cvelist": ["CVE-2018-2492"], "immutableFields": [], "lastseen": "2022-03-23T16:34:00", "viewCount": 14, "enchantments": {"dependencies": {}, "score": {"value": 3.7, "vector": "NONE"}, "backreferences": {"references": [{"type": "talos", "idList": ["SAP"]}]}, "exploitation": null, "affected_software": {"major_version": [{"name": "sap netweaver application server java", "version": 7}, {"name": "sap netweaver application server java", "version": 7}, {"name": "sap netweaver application server java", "version": 7}, {"name": "sap netweaver application server java", "version": 7}, {"name": "sap netweaver application server java", "version": 7}]}, "vulnersScore": 3.7}, "_state": {"dependencies": 1659862649, "score": 1659805755, "affected_software_major_version": 1671579166}, "_internal": {"score_hash": "cdb4103134ebbe6cef754f73ecce51d7"}, "cna_cvss": {"cna": null, "cvss": {}}, "cpe": ["cpe:/a:sap:netweaver_application_server_java:7.20", "cpe:/a:sap:netweaver_application_server_java:7.40", "cpe:/a:sap:netweaver_application_server_java:7.31", "cpe:/a:sap:netweaver_application_server_java:7.30", "cpe:/a:sap:netweaver_application_server_java:7.50"], "cpe23": ["cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*"], "cwe": ["CWE-611"], "affectedSoftware": [{"cpeName": "sap:netweaver_application_server_java", "version": "7.20", "operator": "eq", "name": "sap netweaver application server java"}, {"cpeName": "sap:netweaver_application_server_java", "version": "7.30", "operator": "eq", "name": "sap netweaver application server java"}, {"cpeName": "sap:netweaver_application_server_java", "version": "7.31", "operator": "eq", "name": "sap netweaver application server java"}, {"cpeName": "sap:netweaver_application_server_java", "version": "7.40", "operator": "eq", "name": "sap netweaver application server java"}, {"cpeName": "sap:netweaver_application_server_java", "version": "7.50", "operator": "eq", "name": "sap netweaver application server java"}], "affectedConfiguration": [], "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"operator": "OR", "children": [], "cpe_match": [{"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.20:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.30:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.31:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.40:*:*:*:*:*:*:*", "cpe_name": []}, {"vulnerable": true, "cpe23Uri": "cpe:2.3:a:sap:netweaver_application_server_java:7.50:*:*:*:*:*:*:*", "cpe_name": []}]}]}, "extraReferences": [{"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", "name": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699", "refsource": "MISC", "tags": ["Vendor Advisory"]}, {"url": "https://launchpad.support.sap.com/#/notes/2642680", "name": "https://launchpad.support.sap.com/#/notes/2642680", "refsource": "MISC", "tags": ["Permissions Required"]}, {"url": "http://www.securityfocus.com/bid/106153", "name": "106153", "refsource": "BID", "tags": ["Third Party Advisory", "VDB Entry"]}]}