SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/106153 | Third Party Advisory VDB Entry |
https://launchpad.support.sap.com/#/notes/2642680 | Permissions Required |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2018-12-11T23:00:00
Updated: 2018-12-12T10:57:01
Reserved: 2017-12-15T00:00:00
Link: CVE-2018-2492
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-12-11T22:29:00.297
Modified: 2021-04-20T19:21:10.330
Link: CVE-2018-2492
JSON object: View
Redhat Information
No data.
CWE