CVE-2019-0384

🗓️ 17 Dec 2019 19:24:06Reported by sapType

Transaction Management in SAP Treasury and Risk Management doesn't perform necessary authorization checks (CVE-2019-0384

Reporter	Title	Published	Views	Family All 7
CNVD	Unspecified vulnerability in SAP Treasury and Risk Management	4 Dec 201900:00	–	cnvd
Cvelist	CVE-2019-0384	17 Dec 201919:24	–	cvelist
EUVD	EUVD-2019-1157	7 Oct 202500:30	–	euvd
NVD	CVE-2019-0384	17 Dec 201920:15	–	nvd
Prion	Authorization	17 Dec 201920:15	–	prion
RedhatCVE	CVE-2019-0384	22 May 202507:37	–	redhatcve
Symantec	SAP Treasury and Risk Management CVE-2019-0384 Remote Authorization Bypass Vulnerability	12 Nov 201900:00	–	symantec

NVD

Vulners

Node

sap enterprise_extension_financial_servicesMatch6.0

sap enterprise_extension_financial_servicesMatch6.03

sap enterprise_extension_financial_servicesMatch6.04

sap enterprise_extension_financial_servicesMatch6.05

sap enterprise_extension_financial_servicesMatch6.06

sap enterprise_extension_financial_servicesMatch6.16

sap enterprise_extension_financial_servicesMatch6.17

sap enterprise_extension_financial_servicesMatch6.18

sap enterprise_extension_financial_servicesMatch8.0

sap treasury_and_risk_management_(s4core)Match1.01

sap treasury_and_risk_management_(s4core)Match1.02

sap treasury_and_risk_management_(s4core)Match1.03

sap treasury_and_risk_management_(s4core)Match1.04

[
  {
    "product": "SAP Treasury and Risk Management (S4CORE)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 1.01"
      },
      {
        "status": "affected",
        "version": "< 1.02"
      },
      {
        "status": "affected",
        "version": "< 1.03"
      },
      {
        "status": "affected",
        "version": "< 1.04"
      }
    ]
  },
  {
    "product": "SAP Treasury and Risk Management (EA-FINSERV)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 6.0"
      },
      {
        "status": "affected",
        "version": "< 6.03"
      },
      {
        "status": "affected",
        "version": "< 6.04"
      },
      {
        "status": "affected",
        "version": "< 6.05"
      },
      {
        "status": "affected",
        "version": "< 6.06"
      },
      {
        "status": "affected",
        "version": "< 6.16"
      },
      {
        "status": "affected",
        "version": "< 6.17"
      },
      {
        "status": "affected",
        "version": "< 6.18"
      },
      {
        "status": "affected",
        "version": "< 8.0"
      }
    ]
  }
]

Source	Link
launchpad	www.launchpad.support.sap.com/
wiki	www.wiki.scn.sap.com/wiki/pages/viewpage.action

21 Nov 2024 04:16Current

8.6High risk

Vulners AI Score8.6

CVSS 26.5

CVSS 3.18.8

EPSS0.00334

CWE-863