on 10-24-2019 7:03 PM
Hi,
As per below links Crystal Reports has "CVE-2018-2427: SAP BusinessObjects and Crystal Reports Remote Code Execution Vulnerability".
References:
CVE, http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2427
CVE, http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2427
Other, https://launchpad.support.sap.com//notes/2620738
Other, https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=497256000
Where can I find if this vunerability is fixed in Crystal Reports 2016 SP6 (v14.2.6.2839) or not? Please guide me to the release note of Crystal Reports 2016 SP6 (v14.2.6.2839) that shows the vulnerabilities and issues fixed.
According to SAP Note 2620738 - [CVE-2018-2427] Code Injection vulnerability in SAP CrystalReports
fixed in
Crystal Reports for VS SP23
Crystal Reports 2013 SP9 Patch12, SP10 Patch6, SP11 Patch1 or SP12
Crystal Reports 2016 SP4 Patch8, SP5 Patch 3 or SP6
so it fixed in
Crystal Reports 2016 SP6
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
81 | |
25 | |
12 | |
9 | |
7 | |
6 | |
5 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.