Lucene search

K
cvelistSapCVELIST:CVE-2019-0257
HistoryFeb 15, 2019 - 6:00 p.m.

CVE-2019-0257

2019-02-1518:00:00
sap
www.cve.org
4

AI Score

8.9

Confidence

High

EPSS

0.002

Percentile

65.0%

Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

CNA Affected

[
  {
    "product": "ABAP Platform(SAP Basis)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< from 7.0 to 7.02"
      },
      {
        "status": "affected",
        "version": "< from 7.10 to 7.11"
      },
      {
        "status": "affected",
        "version": "< 7.30"
      },
      {
        "status": "affected",
        "version": "< 7.31"
      },
      {
        "status": "affected",
        "version": "< 7.40"
      },
      {
        "status": "affected",
        "version": "< from 7.50 to 7.53"
      },
      {
        "status": "affected",
        "version": "< from 7.74 to 7.75"
      }
    ]
  }
]

AI Score

8.9

Confidence

High

EPSS

0.002

Percentile

65.0%

Related for CVELIST:CVE-2019-0257