CVE-2019-0257
N/A
N/A
Summary
Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | ABAP Platform(SAP Basis) | < from 7.0 to 7.02 | affected |
| SAP SE | ABAP Platform(SAP Basis) | < from 7.10 to 7.11 | affected |
| SAP SE | ABAP Platform(SAP Basis) | < 7.30 | affected |
| SAP SE | ABAP Platform(SAP Basis) | < 7.31 | affected |
| SAP SE | ABAP Platform(SAP Basis) | < 7.40 | affected |
| SAP SE | ABAP Platform(SAP Basis) | < from 7.50 to 7.53 | affected |
| SAP SE | ABAP Platform(SAP Basis) | < from 7.74 to 7.75 | affected |
Weaknesses
- Missing Authorization Check
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943
- https://launchpad.support.sap.com/#/notes/2728839
- http://www.securityfocus.com/bid/106999
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943
- https://launchpad.support.sap.com/#/notes/2728839
- http://www.securityfocus.com/bid/106999
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.