7.5
CVE-2018-2446
- EPSS 0.74%
- Published 14.08.2018 16:29:01
- Last modified 21.11.2024 04:03:49
- Source cna@sap.com
- Teams watchlist Login
- Open Login
Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.
Data is provided by the National Vulnerability Database (NVD)
SAP ≫ Businessobjects Business Intelligence Version4.1 Update-
SAP ≫ Businessobjects Business Intelligence Version4.2 Update-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.74% | 0.72 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|