CVE-2019-0330

Summary

The OS Command Plugin in the transaction GPA_ADMIN and the OSCommand Console of SAP Diagnostic Agent (LM-Service), version 7.2, allow an attacker to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP Diagnostic Agent (LM-Service)< 7.20affected

Weaknesses

  • Code Injection

ADP Enrichment

CVE Program Container

Additional References

References