By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/106156 | Third Party Advisory VDB Entry |
https://launchpad.support.sap.com/#/notes/2658279 | Permissions Required |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: sap
Published: 2018-12-11T23:00:00
Updated: 2018-12-12T10:57:01
Reserved: 2017-12-15T00:00:00
Link: CVE-2018-2503
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-12-11T22:29:00.593
Modified: 2021-09-09T17:17:24.160
Link: CVE-2018-2503
JSON object: View
Redhat Information
No data.
CWE