CVE-2018-2418

SAP MaxDB ODBC driver (all versions before 7.9.09.07) allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
References
Link Resource
http://www.securityfocus.com/bid/104115 Third Party Advisory VDB Entry
https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018/ Vendor Advisory
https://launchpad.support.sap.com/#/notes/2610231 Permissions Required Vendor Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:sap:maxdb_odbc_driver:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-05-09 20:29

Updated : 2024-02-28 16:25


NVD link : CVE-2018-2418

Mitre link : CVE-2018-2418

CVE.ORG link : CVE-2018-2418


JSON object : View

Products Affected

sap

  • maxdb_odbc_driver
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')