Vulnerability Details : CVE-2018-2491
When opening a deep link URL in SAP Fiori Client with log level set to "Debug", the client application logs the URL to the log file. If this URL contains malicious JavaScript code it can eventually run inside the built-in log viewer of the application in case user opens the viewer and taps on the hyperlink in the viewer. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version.
Products affected by CVE-2018-2491
- cpe:2.3:a:sap:fiori_client:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-2491
0.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 30 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-2491
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:P/A:P |
8.6
|
6.4
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2018-2491
-
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-2491
-
https://launchpad.support.sap.com/#/notes/2691126
SAP ONE Support Launchpad: Log OnPermissions Required;Vendor Advisory
-
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=503809832
SAP Security Patch Day – November 2018 - Product Security Response at SAP - SCN WikiVendor Advisory
Jump to