CVE-2019-0389
N/A
N/A
Summary
An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP NetWeaver Application Server Java (J2EE-Framework) | < 7.1 | affected |
| SAP SE | SAP NetWeaver Application Server Java (J2EE-Framework) | < 7.2 | affected |
| SAP SE | SAP NetWeaver Application Server Java (J2EE-Framework) | < 7.3 | affected |
| SAP SE | SAP NetWeaver Application Server Java (J2EE-Framework) | < 7.31 | affected |
| SAP SE | SAP NetWeaver Application Server Java (J2EE-Framework) | < 7.4 | affected |
| SAP SE | SAP NetWeaver Application Server Java (J2EE-Framework) | < 7.5 | affected |
Weaknesses
- Other
ADP Enrichment
CVE Program Container
Additional References
- https://launchpad.support.sap.com/#/notes/2814357
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390
References
- https://launchpad.support.sap.com/#/notes/2814357
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.