Lucene search
SapCVELIST:CVE-2019-0386HistoryNov 13, 2019 - 10:18 p.m.
CVE-2019-0386
2019-11-1322:18:40
sap
www.cve.org
0.001 Low
EPSS
Percentile
31.5%
Order processing in SAP ERP Sales (corrected in SAP_APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18) and S4HANA Sales (corrected in S4CORE 1.0, 1.01, 1.02, 1.03, 1.04) does not execute the required authorization checks for an authenticated user, which can result in an escalation of privileges.
CNA Affected
[
{
"product": "SAP ERP Sales (SAP_APPL)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 6.0"
},
{
"status": "affected",
"version": "< 6.02"
},
{
"status": "affected",
"version": "< 6.03"
},
{
"status": "affected",
"version": "< 6.04"
},
{
"status": "affected",
"version": "< 6.05"
},
{
"status": "affected",
"version": "< 6.06"
},
{
"status": "affected",
"version": "< 6.16"
},
{
"status": "affected",
"version": "< 6.17"
},
{
"status": "affected",
"version": "< 6.18"
}
]
},
{
"product": "S4HANA Sales (S4CORE)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 1.0"
},
{
"status": "affected",
"version": "< 1.01"
},
{
"status": "affected",
"version": "< 1.02"
},
{
"status": "affected",
"version": "< 1.03"
},
{
"status": "affected",
"version": "< 1.04"
}
]
}
]Related
symantec
symantec
cve
cve
CVE-2019-0386
2019-11-13 23:15:11
nvd
nvd
CVE-2019-0386
2019-11-13 23:15:11
prion
prion
Authorization
2019-11-13 23:15:00