Lucene search
SapCVELIST:CVE-2019-0327HistoryJul 10, 2019 - 7:09 p.m.
CVE-2019-0327
2019-07-1019:09:39
sap
www.cve.org
0.004 Low
EPSS
Percentile
72.9%
SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.
CNA Affected
[
{
"product": "SAP NetWeaver for Java Application Server - Web Container (engineapi) ",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.1"
},
{
"status": "affected",
"version": "< 7.2"
},
{
"status": "affected",
"version": "< 7.3"
},
{
"status": "affected",
"version": "< 7.31"
},
{
"status": "affected",
"version": "< 7.4"
},
{
"status": "affected",
"version": "< 7.5"
}
]
},
{
"product": "SAP NetWeaver for Java Application Server - Web Container (servercode)",
"vendor": "SAP SE",
"versions": [
{
"status": "affected",
"version": "< 7.2"
},
{
"status": "affected",
"version": "< 7.3"
},
{
"status": "affected",
"version": "< 7.31"
},
{
"status": "affected",
"version": "< 7.4"
},
{
"status": "affected",
"version": "< 7.5"
}
]
}
]Related
cve
cve
CVE-2019-0327
2019-07-10 20:15:12
prion
prion
Input validation
2019-07-10 20:15:00
nvd
nvd
CVE-2019-0327
2019-07-10 20:15:12