CVE-2018-2394

MEDIUM

SAP Internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49, 7.53 - Unauthenticated Denial of Service

Title source: llm

Description

Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, services and/or system files.

References (2)

Core 2

Core References

Permissions Required, Vendor Advisory x_refsource_confirm

https://launchpad.support.sap.com/#/notes/2525222

Vendor Advisory x_refsource_confirm

https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/

Scores

CVSS v3 6.5

EPSS 0.0044

EPSS Percentile 63.5%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Status published

Products (5)

sap/internet_graphics_server 7.20

sap/internet_graphics_server 7.20ext

sap/internet_graphics_server 7.45

sap/internet_graphics_server 7.49

sap/internet_graphics_server 7.53

Published Feb 14, 2018

Tracked Since Feb 18, 2026