CVE-2019-0304
N/A
N/A
Summary
FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73, allows an attacker to inject code or specifically manipulated command that can be executed by the application. An attacker could thereby control the behaviour of the application.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL32NUC) | < 7.21 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL32NUC) | < 7.21EXT | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL32NUC) | < 7.22 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL32NUC) | < 7.22EXT | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL32UC) | < 7.21 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL32UC) | < 7.21EXT | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL32UC) | < 7.22 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL32UC) | < 7.22EXT | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64NUC) | < 7.21 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64NUC) | < 7.21EXT | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64NUC) | < 7.22 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64NUC) | < 7.22EXT | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64NUC) | < 7.49 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64UC) | < 7.21 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64UC) | < 7.21EXT | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64UC) | < 7.22 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64UC) | < 7.22EXT | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64UC) | < 7.49 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KRNL64UC) | < 7.73 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KERNEL) | < 7.21 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KERNEL) | < 7.45 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KERNEL) | < 7.49 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KERNEL) | < 7.53 | affected |
| SAP SE | SAP NetWeaver AS ABAP Platform(KERNEL) | < 7.73 | affected |
Weaknesses
- Code Injection
ADP Enrichment
CVE Program Container
Additional References
- https://launchpad.support.sap.com/#/notes/2719530
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242
References
- https://launchpad.support.sap.com/#/notes/2719530
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.