CVE-2019-0393

2019-11-1321:59:55

sap

www.cve.org

5.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

22.9%

JSON

An SQL Injection vulnerability in SAP Quality Management (corrected in S4CORE versions 1.0, 1.01, 1.02, 1.03) allows an attacker to carry out targeted database queries that can read individual fields of historical inspection results.

CNA Affected

[
  {
    "product": "SAP Quality Management (S4CORE)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 1.0"
      },
      {
        "status": "affected",
        "version": "< 1.01"
      },
      {
        "status": "affected",
        "version": "< 1.02"
      },
      {
        "status": "affected",
        "version": "< 1.03"
      }
    ]
  }
]