Details of VAR-201805-0882

ID

VAR-201805-0882

CVE

CVE-2018-2418

TITLE

SAP MaxDB ODBC Code injection vulnerability in driver

Trust: 0.8

sources: JVNDB: JVNDB-2018-004827

DESCRIPTION

SAP MaxDB ODBC driver (all versions before 7.9.09.07) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application. SAP MaxDB ODBC The driver contains a code injection vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.The specific flaw exists within the parsing of UDL files by the Data Link Properties dialog. When parsing the Servername element, the process does not properly validate the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the process. MaxDB ODBC Driver 7.9.09.07 is vulnerable; other versions may also be affected

Trust: 2.52

sources: NVD: CVE-2018-2418 // JVNDB: JVNDB-2018-004827 // ZDI: ZDI-18-423 // BID: 104115

AFFECTED PRODUCTS

vendor:	sap	model:	maxdb odbc driver	scope:	eq	version:	7.9.09.07	Trust: 1.1
vendor:	sap	model:	maxdb odbc driver	scope:	lt	version:	7.9.09.07	Trust: 1.0
vendor:	sap	model:	maxdb	scope:	-	version:	-	Trust: 0.7

sources: ZDI: ZDI-18-423 // BID: 104115 // JVNDB: JVNDB-2018-004827 // NVD: CVE-2018-2418

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2018-2418
value:	CRITICAL
Trust: 1.0
cna@sap.com:	CVE-2018-2418
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2018-2418
value:	CRITICAL
Trust: 0.8
ZDI:	CVE-2018-2418
value:	MEDIUM
Trust: 0.7
CNNVD:	CNNVD-201805-240
value:	CRITICAL
Trust: 0.6

nvd@nist.gov:	CVE-2018-2418
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
ZDI:	CVE-2018-2418
severity:	MEDIUM
baseScore:	6.8
vectorString:	AV:N/AC:M/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	MEDIUM
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	8.6
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.7

nvd@nist.gov:	CVE-2018-2418
baseSeverity:	CRITICAL
baseScore:	9.8
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	5.9
version:	3.0
Trust: 1.8
cna@sap.com:	CVE-2018-2418
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L
attackVector:	NETWORK
attackComplexity:	HIGH
privilegesRequired:	HIGH
userInteraction:	NONE
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.3
impactScore:	3.7
version:	3.0
Trust: 1.0

sources: ZDI: ZDI-18-423 // JVNDB: JVNDB-2018-004827 // CNNVD: CNNVD-201805-240 // NVD: CVE-2018-2418 // NVD: CVE-2018-2418

PROBLEMTYPE DATA

problemtype:

CWE-94

Trust: 1.8

sources: JVNDB: JVNDB-2018-004827 // NVD: CVE-2018-2418

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201805-240

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-201805-240

CONFIGURATIONS

sources: JVNDB: JVNDB-2018-004827

PATCH

title:	SAP Security Patch Day - May 2018	url:	https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/	Trust: 1.5
title:	SAP MaxDB ODBC Driver security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=79918	Trust: 0.6

sources: ZDI: ZDI-18-423 // JVNDB: JVNDB-2018-004827 // CNNVD: CNNVD-201805-240

EXTERNAL IDS

db:	NVD	id:	CVE-2018-2418	Trust: 3.4
db:	BID	id:	104115	Trust: 1.9
db:	JVNDB	id:	JVNDB-2018-004827	Trust: 0.8
db:	ZDI_CAN	id:	ZDI-CAN-5478	Trust: 0.7
db:	ZDI	id:	ZDI-18-423	Trust: 0.7
db:	CNNVD	id:	CNNVD-201805-240	Trust: 0.6

sources: ZDI: ZDI-18-423 // BID: 104115 // JVNDB: JVNDB-2018-004827 // CNNVD: CNNVD-201805-240 // NVD: CVE-2018-2418

REFERENCES

url:	https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/	Trust: 2.6
url:	https://launchpad.support.sap.com/#/notes/2610231	Trust: 1.9
url:	http://www.securityfocus.com/bid/104115	Trust: 1.6
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2418	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2018-2418	Trust: 0.8
url:	http://www.sap.com/	Trust: 0.3

sources: ZDI: ZDI-18-423 // BID: 104115 // JVNDB: JVNDB-2018-004827 // CNNVD: CNNVD-201805-240 // NVD: CVE-2018-2418

CREDITS

rgod

Trust: 0.7

sources: ZDI: ZDI-18-423

SOURCES

db:	ZDI	id:	ZDI-18-423
db:	BID	id:	104115
db:	JVNDB	id:	JVNDB-2018-004827
db:	CNNVD	id:	CNNVD-201805-240
db:	NVD	id:	CVE-2018-2418

LAST UPDATE DATE

2024-11-23T22:17:29.806000+00:00

SOURCES UPDATE DATE

db:	ZDI	id:	ZDI-18-423	date:	2018-05-14T00:00:00
db:	BID	id:	104115	date:	2018-05-08T00:00:00
db:	JVNDB	id:	JVNDB-2018-004827	date:	2018-06-28T00:00:00
db:	CNNVD	id:	CNNVD-201805-240	date:	2019-10-17T00:00:00
db:	NVD	id:	CVE-2018-2418	date:	2024-11-21T04:03:46.827

SOURCES RELEASE DATE

db:	ZDI	id:	ZDI-18-423	date:	2018-05-14T00:00:00
db:	BID	id:	104115	date:	2018-05-08T00:00:00
db:	JVNDB	id:	JVNDB-2018-004827	date:	2018-06-28T00:00:00
db:	CNNVD	id:	CNNVD-201805-240	date:	2018-05-10T00:00:00
db:	NVD	id:	CVE-2018-2418	date:	2018-05-09T20:29:00.823