CVE-2018-2398

Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted.