{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T08:20:52.629","vulnerabilities":[{"cve":{"id":"CVE-2018-2374","sourceIdentifier":"cna@sap.com","published":"2018-02-14T12:29:00.547","lastModified":"2024-11-21T04:03:42.163","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve sensitive application data like service bindings within that space."},{"lang":"es","value":"En SAP HANA Extended Application Services 1.0, un usuario controller que tenga la autorización SpaceAuditor en un espacio específico podría recuperar datos sensibles de la aplicación como los enlaces del servicio en ese espacio."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:sap:hana_extended_application_services:1.0:*:*:*:*:*:*:*","matchCriteriaId":"F314AEB2-7F5C-4CD8-8DD5-359B75FCD9C5"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/103018","source":"cna@sap.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/","source":"cna@sap.com","tags":["Vendor Advisory"]},{"url":"https://launchpad.support.sap.com/#/notes/2589129","source":"cna@sap.com","tags":["Permissions Required"]},{"url":"http://www.securityfocus.com/bid/103018","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://launchpad.support.sap.com/#/notes/2589129","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Permissions Required"]}]}}]}