CVE-2019-0389

Summary

An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.

Affected Software

VendorProductVersion RangeStatus
SAP SESAP NetWeaver Application Server Java (J2EE-Framework)< 7.1affected
SAP SESAP NetWeaver Application Server Java (J2EE-Framework)< 7.2affected
SAP SESAP NetWeaver Application Server Java (J2EE-Framework)< 7.3affected
SAP SESAP NetWeaver Application Server Java (J2EE-Framework)< 7.31affected
SAP SESAP NetWeaver Application Server Java (J2EE-Framework)< 7.4affected
SAP SESAP NetWeaver Application Server Java (J2EE-Framework)< 7.5affected

Weaknesses

  • Other

ADP Enrichment

CVE Program Container

Additional References

References