CVE-2019-0257

Summary

Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

Affected Software

VendorProductVersion RangeStatus
SAP SEABAP Platform(SAP Basis)< from 7.0 to 7.02affected
SAP SEABAP Platform(SAP Basis)< from 7.10 to 7.11affected
SAP SEABAP Platform(SAP Basis)< 7.30affected
SAP SEABAP Platform(SAP Basis)< 7.31affected
SAP SEABAP Platform(SAP Basis)< 7.40affected
SAP SEABAP Platform(SAP Basis)< from 7.50 to 7.53affected
SAP SEABAP Platform(SAP Basis)< from 7.74 to 7.75affected

Weaknesses

  • Missing Authorization Check

ADP Enrichment

CVE Program Container

Additional References

References