Sign-up

ID

VAR-201812-0567


CVE

CVE-2018-2504


TITLE

SAP NetWeaver AS Java Web Container Service cross-site scripting vulnerability

Trust: 1.4

sources: JVNDB: JVNDB-2018-013044 // CNNVD: CNNVD-201812-479

DESCRIPTION

SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability. This is fixed in versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50. Remote attackers can exploit this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. SAP NetWeaver AS Java 7.10 ,7.11, 7.20, 7.30, 7.31, 7.40 and 7.50 are vulnerable

Trust: 1.89

sources: NVD: CVE-2018-2504 // JVNDB: JVNDB-2018-013044 // BID: 106150

AFFECTED PRODUCTS

vendor:sapmodel:netweaver application server javascope:eqversion:7.31

Trust: 1.0

vendor:sapmodel:netweaver application server javascope:eqversion:7.30

Trust: 1.0

vendor:sapmodel:netweaver application server javascope:eqversion:7.40

Trust: 1.0

vendor:sapmodel:netweaver application server javascope:eqversion:7.11

Trust: 1.0

vendor:sapmodel:netweaver application server javascope:eqversion:7.50

Trust: 1.0

vendor:sapmodel:netweaver application server javascope:eqversion:7.10

Trust: 1.0

vendor:sapmodel:netweaver application server javascope:eqversion:7.20

Trust: 1.0

vendor:sapmodel:netweaverscope: - version: -

Trust: 0.8

vendor:sapmodel:netweaverscope:eqversion:7.11

Trust: 0.6

vendor:sapmodel:netweaverscope:eqversion:7.50

Trust: 0.6

vendor:sapmodel:netweaverscope:eqversion:7.20

Trust: 0.6

vendor:sapmodel:netweaverscope:eqversion:7.31

Trust: 0.6

vendor:sapmodel:netweaverscope:eqversion:7.10

Trust: 0.6

vendor:sapmodel:netweaverscope:eqversion:7.30

Trust: 0.6

vendor:sapmodel:netweaverscope:eqversion:7.40

Trust: 0.6

vendor:sapmodel:netweaver as javascope:eqversion:7.50

Trust: 0.3

vendor:sapmodel:netweaver as javascope:eqversion:7.40

Trust: 0.3

vendor:sapmodel:netweaver as javascope:eqversion:7.31

Trust: 0.3

vendor:sapmodel:netweaver as javascope:eqversion:7.30

Trust: 0.3

vendor:sapmodel:netweaver as javascope:eqversion:7.20

Trust: 0.3

vendor:sapmodel:netweaver as javascope:eqversion:7.11

Trust: 0.3

vendor:sapmodel:netweaver as javascope:eqversion:7.10

Trust: 0.3

sources: BID: 106150 // JVNDB: JVNDB-2018-013044 // CNNVD: CNNVD-201812-479 // NVD: CVE-2018-2504

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-2504
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-2504
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201812-479
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2018-2504
severity: MEDIUM
baseScore: 4.3
vectorString: AV:N/AC:M/AU:N/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.6
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

nvd@nist.gov: CVE-2018-2504
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 2.7
version: 3.1

Trust: 1.0

NVD: CVE-2018-2504
baseSeverity: MEDIUM
baseScore: 6.1
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: LOW
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2018-013044 // CNNVD: CNNVD-201812-479 // NVD: CVE-2018-2504

PROBLEMTYPE DATA

problemtype:CWE-79

Trust: 1.8

sources: JVNDB: JVNDB-2018-013044 // NVD: CVE-2018-2504

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201812-479

TYPE

XSS

Trust: 0.6

sources: CNNVD: CNNVD-201812-479

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-013044

PATCH
title:SAP Security Patch Day - December 2018url:https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=508559699
Trust: 0.8
title:SAP NetWeaver AS Java Web Container service Fixes for cross-site scripting vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=87727
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-013044 // 
            
            
            
            CNNVD: CNNVD-201812-479

EXTERNAL IDS
db:NVDid:CVE-2018-2504
Trust: 2.7
db:BIDid:106150
Trust: 1.9
db:JVNDBid:JVNDB-2018-013044
Trust: 0.8
db:CNNVDid:CNNVD-201812-479
Trust: 0.6
sources:
            
            
            BID: 106150 // 
            
            
            
            JVNDB: JVNDB-2018-013044 // 
            
            
            
            CNNVD: CNNVD-201812-479 // 
            
            
            
            NVD: CVE-2018-2504

REFERENCES
url:https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageid=508559699
Trust: 1.9
url:http://www.securityfocus.com/bid/106150
Trust: 1.6
url:https://launchpad.support.sap.com/#/notes/2718993
Trust: 1.6
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-2504
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-2504
Trust: 0.8
url:http://www.sap.com
Trust: 0.3
url:https://service.sap.com/sap/support/notes/2718993
Trust: 0.3
sources:
            
            
            BID: 106150 // 
            
            
            
            JVNDB: JVNDB-2018-013044 // 
            
            
            
            CNNVD: CNNVD-201812-479 // 
            
            
            
            NVD: CVE-2018-2504

CREDITS
The vendor reported this issue.
Trust: 0.3
sources:
            
            
            BID: 106150

SOURCES
db:BIDid:106150
db:JVNDBid:JVNDB-2018-013044
db:CNNVDid:CNNVD-201812-479
db:NVDid:CVE-2018-2504

LAST UPDATE DATE
2024-11-23T22:30:10.568000+00:00

SOURCES UPDATE DATE
db:BIDid:106150date:2018-12-11T00:00:00
db:JVNDBid:JVNDB-2018-013044date:2019-02-13T00:00:00
db:CNNVDid:CNNVD-201812-479date:2021-04-22T00:00:00
db:NVDid:CVE-2018-2504date:2024-11-21T04:03:55.793

SOURCES RELEASE DATE
db:BIDid:106150date:2018-12-11T00:00:00
db:JVNDBid:JVNDB-2018-013044date:2019-02-13T00:00:00
db:CNNVDid:CNNVD-201812-479date:2018-12-12T00:00:00
db:NVDid:CVE-2018-2504date:2018-12-11T22:29:00.640