8.8
CVE-2019-0389
- EPSS 0.46%
- Published 13.11.2019 22:15:11
- Last modified 21.11.2024 04:16:47
- Source cna@sap.com
- Teams watchlist Login
- Open Login
An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.
Data is provided by the National Vulnerability Database (NVD)
SAP ≫ Netweaver Application Server Java Version7.1
SAP ≫ Netweaver Application Server Java Version7.2
SAP ≫ Netweaver Application Server Java Version7.3
SAP ≫ Netweaver Application Server Java Version7.4
SAP ≫ Netweaver Application Server Java Version7.5
SAP ≫ Netweaver Application Server Java Version7.31
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.46% | 0.61 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|