7.5
CVE-2019-0404
- EPSS 0.28%
- Published 11.12.2019 22:15:12
- Last modified 21.11.2024 04:16:48
- Source cna@sap.com
- Teams watchlist Login
- Open Login
SAP Enable Now, before version 1911, leaks information about network configuration in the server error messages, leading to Information Disclosure.
Data is provided by the National Vulnerability Database (NVD)
SAP ≫ Enable Now Version < 1911
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.28% | 0.485 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-209 Generation of Error Message Containing Sensitive Information
The product generates an error message that includes sensitive information about its environment, users, or associated data.