CVE-2018-2370

Server Side Request Forgery (SSRF) vulnerability in SAP Central Management Console, BI Launchpad and Fiori BI Launchpad, 4.10, from 4.20, from 4.30, could allow a malicious user to use common techniques to determine which ports are in use on the backend server.
Configurations

Configuration 1

cpe:2.3:a:sap:bi_launchpad:4.30:*:*:*:*:*:*:*
cpe:2.3:a:sap:bi_launchpad:4.10:*:*:*:*:*:*:*
cpe:2.3:a:sap:bi_launchpad:4.20:*:*:*:*:*:*:*

Information

Published : 2018-02-14 12:29

Updated : 2018-03-15 07:10


NVD link : CVE-2018-2370

Mitre link : CVE-2018-2370

Products Affected
No products.
CWE
CWE-918

Server-Side Request Forgery (SSRF)