CVE-2018-2425 HIGH

CVE-2018-2425

Vendor Sap Se
Product SAP Business One
Published June 12, 2018
Last update August 5, 2024

CVSS base score

8.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted.

Key dates

02Disclosure timeline

June 12, 2018 CVE published
August 5, 2024 Record updated