CVE-2019-0393
N/A
N/A
Summary
An SQL Injection vulnerability in SAP Quality Management (corrected in S4CORE versions 1.0, 1.01, 1.02, 1.03) allows an attacker to carry out targeted database queries that can read individual fields of historical inspection results.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| SAP SE | SAP Quality Management (S4CORE) | < 1.0 | affected |
| SAP SE | SAP Quality Management (S4CORE) | < 1.01 | affected |
| SAP SE | SAP Quality Management (S4CORE) | < 1.02 | affected |
| SAP SE | SAP Quality Management (S4CORE) | < 1.03 | affected |
Weaknesses
- SQL Injection
ADP Enrichment
CVE Program Container
Additional References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390
- https://launchpad.support.sap.com/#/notes/2816035
References
- https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390
- https://launchpad.support.sap.com/#/notes/2816035
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.