CVE-2018-2380

SAP | Customer Relationship Management (CRM)Added 2021-11-03Remediation Deadline 2022-05-03Active Ransomware Campaign

SAP Customer Relationship Management (CRM) Path Traversal Vulnerability

SAP Customer Relationship Management (CRM) contains a path traversal vulnerability that allows an attacker to exploit insufficient validation of path information provided by users.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-22

References

https://nvd.nist.gov/vuln/detail/CVE-2018-2380

Cybersecurity Alerts

CVE-2018-2380

SAP Customer Relationship Management (CRM) Path Traversal Vulnerability

Required Action

Weakness Classification

References