5 matches found
CVE-2019-0304
CVE-2019-0304 affects SAP NetWeaver AS ABAP Platform, with multiple kernel versions listed (KRNL32NUC, KRNL32UC, KRNL64NUC, KRNL64UC, and KERNEL versions such as 7.21–7.73). The description states that the FTP function allows an attacker to inject code or send manipulated commands that can be exe...
CVE-2019-0265
CVE-2019-0265 affects SAP ABAP Platform SLD registration, enabling DoS by crashing or flooding the service. Affected kernel components include KRNL32NUC/UC and KRNL64NUC/UC with various 7.21–7.22/7.49 streams; 7.73 kernel also addressed for multiple upgrades (7.21–7.22, 7.45, 7.49, 7.53, 7.73, 7....
CVE-2019-0255
The CVE-2019-0255 entry pertains to SAP NetWeaver AS ABAP Platform (Krnl64nuc 7.74, krnl64UC 7.73–7.75, Kernel 7.73–7.75). The vulnerability arises from failing to validate the installation type for an ABAP Server system, which could allow a user to access the full SAP Easy Access Menu and potent...
CVE-2019-0349
CVE-2019-0349 affects SAP Kernel (ABAP Debugger). The flaw allows a user to execute the Go to statement without the authorization S_DEVELOP_DEBUG_02, resulting in a Missing Authorization Check. Affected are SAP Kernel ABAP Debugger variants: KRNL32NUC/UC, KRNL64NUC/UC, across versions 7.21, 7.21E...
CVE-2019-0270
SAP NetWeaver ABAP Server and ABAP Platform were vulnerable to privilege escalation due to missing authorization checks for authenticated users. Affected components: ABAP Server (NetWeaver/ABAP Platform). Root cause: inadequate authorization validation enabling privilege escalation. The vulnerabi...