← back
CVE-2018-2492

CVE-2018-2492

EPSS 1.1%
SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source. This is fixed in versions 7.2, 7.30, 7.31, 7.40 and 7.50.
Affected products
SAP · SAP NetWeaver Application Server (Java Library)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://launchpad.support.sap.com/#/notes/2642680https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699http://www.securityfocus.com/bid/106153