CVE-2019-0349

2019-08-1414:54:52

sap

www.cve.org

EPSS

0.001

Percentile

42.8%

JSON

SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77, allows a user to execute “Go to statement” without possessing the authorization S_DEVELOP DEBUG 02, resulting in Missing Authorization Check

CNA Affected

[
  {
    "product": "SAP Kernel (KRNL32NUC)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 7.21"
      },
      {
        "status": "affected",
        "version": "< 7.21EXT"
      },
      {
        "status": "affected",
        "version": "< 7.22"
      },
      {
        "status": "affected",
        "version": "< 7.22EXT"
      }
    ]
  },
  {
    "product": "SAP Kernel (KRNL32UC)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 7.21"
      },
      {
        "status": "affected",
        "version": "< 7.21EXT"
      },
      {
        "status": "affected",
        "version": "< 7.22"
      },
      {
        "status": "affected",
        "version": "< 7.22EXT"
      }
    ]
  },
  {
    "product": "SAP Kernel (KRNL64NUC)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 7.21"
      },
      {
        "status": "affected",
        "version": "< 7.21EXT"
      },
      {
        "status": "affected",
        "version": "< 7.22"
      },
      {
        "status": "affected",
        "version": "< 7.22EXT"
      },
      {
        "status": "affected",
        "version": "< 7.49"
      }
    ]
  },
  {
    "product": "SAP Kernel (KRNL64UC)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 7.21"
      },
      {
        "status": "affected",
        "version": "< 7.21EXT"
      },
      {
        "status": "affected",
        "version": "< 7.22"
      },
      {
        "status": "affected",
        "version": "< 7.22EXT"
      },
      {
        "status": "affected",
        "version": "< 7.49"
      },
      {
        "status": "affected",
        "version": "< 7.73"
      }
    ]
  },
  {
    "product": "SAP Kernel (KERNEL)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 7.21"
      },
      {
        "status": "affected",
        "version": "< 7.49"
      },
      {
        "status": "affected",
        "version": "< 7.53"
      },
      {
        "status": "affected",
        "version": "< 7.73"
      },
      {
        "status": "affected",
        "version": "< 7.75"
      },
      {
        "status": "affected",
        "version": "< 7.76"
      },
      {
        "status": "affected",
        "version": "< 7.77"
      }
    ]
  }
]

References

launchpad.support.sap.com/#/notes/2798743

wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017

EPSS

0.001

Percentile

42.8%

JSON

Related for CVELIST:CVE-2019-0349