CVE-2018-2499 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2018-2499

CWE

https://cwe.mitre.org/data/definitions/.html

A security weakness in SAP Financial Consolidation Cube Designer (BOBJ_EADES fixed in versions 8.0, 10.1) may allow an attacker to discover the password hash of an admin user.

Affected Software

Name	Vendor	Start Version	End Version
Financial_consolidation_cube_designer	Sap	10.1 (including)	10.1 (including)
Financial_consolidation_cube_designer_bobj_eades	Sap	8.0 (including)	8.0 (including)

References

http://www.securityfocus.com/bid/106466
https://launchpad.support.sap.com/#/notes/2699233
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985
http://www.securityfocus.com/bid/106466
https://launchpad.support.sap.com/#/notes/2699233
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=509151985