CVE-2019-0391

Published: Nov 13, 2019Modified: Nov 21, 2024

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted.

Affected (6)

Products: Sap: Netweaver Application Server Java

Sap

1 product

Netweaver Application Server Java

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Sap Netweaver Application Server Java	Version 7.10
Sap Netweaver Application Server Java	Version 7.20
Sap Netweaver Application Server Java	Version 7.30
Sap Netweaver Application Server Java	Version 7.31
Sap Netweaver Application Server Java	Version 7.40
Sap Netweaver Application Server Java	Version 7.50

References (4)

https://launchpad.support.sap.com/#/notes/2835226

Source: cna@sap.com

Permissions RequiredVendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390

Source: cna@sap.com

Vendor Advisory

https://launchpad.support.sap.com/#/notes/2835226

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredVendor Advisory

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.