3 matches found
CVE-2018-2367
ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file API...
CVE-2018-2367
ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file API...
CVE-2018-2367
The CVE affects SAP BASIS ABAP File Interface (v7.00–7.02, 7.10–7.11, 7.30–7.31, 7.40, 7.50–7.52). The root cause is insufficient validation of user-provided path information, allowing directory traversal characters to propagate to the file APIs. This could enable an attacker to access arbitrary ...