CVE-2018-2421
https://notcve.org/view.php?id=CVE-2018-2421
SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. SAP Internet Graphics Server (IGS) Portwatcher 7.20, 7.20EXT, 7.45, 7.49 y 7.53 permite que un atacante evite que usuarios legítimos accedan a un servicio, ya sea cerrando o inundando el servicio. • http://www.securityfocus.com/bid/104111 https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018 https://launchpad.support.sap.com/#/notes/2616599 •
CVE-2018-2420
https://notcve.org/view.php?id=CVE-2018-2420
SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload any file (including script files) without proper file format validation. SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49 y 7.53 permite que un atacante suba cualquier archivo (incluyendo archivos de script) sin una validación del formato de archivo adecuada. • http://www.securityfocus.com/bid/104108 https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018 https://launchpad.support.sap.com/#/notes/2615635 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2018-2422
https://notcve.org/view.php?id=CVE-2018-2422
SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. SAP Internet Graphics Server (IGS) Portwatcher 7.20, 7.20EXT, 7.45, 7.49 y 7.53 permite que un atacante evite que usuarios legítimos accedan a un servicio, ya sea cerrando o inundando el servicio. • http://www.securityfocus.com/bid/104110 https://blogs.sap.com/2018/05/08/sap-security-patch-day-may-2018 https://launchpad.support.sap.com/#/notes/2617553 •
CVE-2018-2383
https://notcve.org/view.php?id=CVE-2018-2383
Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53. Vulnerabilidad de Cross-Site Scripting (XSS) reflejado en SAP internet Graphics Server 7.20, 7.20EXT, 7.45, 7.49 y 7.53. • https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018 https://launchpad.support.sap.com/#/notes/2525222 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-2393 – SAP Internet Graphics Server (IGS) XMLCHART XXE
https://notcve.org/view.php?id=CVE-2018-2393
Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable. Bajo ciertas circunstancias, SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49 y 7.53 no valida XML External Entity correctamente, lo que provoca que SAP Internet Graphics Server (IGS) no esté disponible. • https://blogs.sap.com/2018/02/13/sap-security-patch-day-february-2018 https://launchpad.support.sap.com/#/notes/2525222 • CWE-611: Improper Restriction of XML External Entity Reference •