VDB
CVE-2018-2416
CVE-2018-2416
PUBLISHED
CVSS 5.400000095367432 MEDIUM
SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XML document accepted from an untrusted source.
EPSS 0.75% · 73.5th percentile
Risk Scores
CVSS 3.0
5.400000095367432
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
EPSS Score
0.75%
73.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SAP | SAP Identity Management | 7.2, 8.0 |
| sap | identity_management | 7.2, 8.0 |
Exploit Intelligence
- CVE-2014-0050 Vulnerable site sample (github-poc)
- CVE-2014-0050 Vulnerable site sample (github-poc)
- CVE-2014-0050 Vulnerable site sample (github-poc)
- CVE-2014-0050 Vulnerable site sample (github-poc)
- 105076 (circl)
- 104106 (circl)
- https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/ (circl)
- https://launchpad.support.sap.com/#/notes/2597875 (circl)
- https://launchpad.support.sap.com/#/notes/2653519 (circl)
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742 (circl)
Timeline
- May 9, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- 105076 vdb
- 104106 vdb
- https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/ url
- https://launchpad.support.sap.com/#/notes/2597875 url
- https://launchpad.support.sap.com/#/notes/2653519 url
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=499352742 url
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=495289255 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2018-2416 advisory
- https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018 url