CVE-2019-0351
N/A
N/A
Summary
A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, or deleting data by injecting code into the working memory which is subsequently executed by the application. It can also be used to cause a general fault in the product, causing the product to terminate.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP NetWeaver UDDI Server (Services Registry) | < 7.10 | affected |
| SAP SE | SAP NetWeaver UDDI Server (Services Registry) | < 7.20 | affected |
| SAP SE | SAP NetWeaver UDDI Server (Services Registry) | < 7.30 | affected |
| SAP SE | SAP NetWeaver UDDI Server (Services Registry) | < 7.31 | affected |
| SAP SE | SAP NetWeaver UDDI Server (Services Registry) | < 7.40 | affected |
| SAP SE | SAP NetWeaver UDDI Server (Services Registry) | < 7.50 | affected |
Weaknesses
- others
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017
- https://launchpad.support.sap.com/#/notes/2800779
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017
- https://launchpad.support.sap.com/#/notes/2800779
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.