CVE-2019-0389

2019-11-1321:58:44

sap

www.cve.org

AI Score

8.8

Confidence

High

EPSS

0.001

Percentile

42.8%

JSON

An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.

CNA Affected

[
  {
    "product": "SAP NetWeaver Application Server Java (J2EE-Framework)",
    "vendor": "SAP SE",
    "versions": [
      {
        "status": "affected",
        "version": "< 7.1"
      },
      {
        "status": "affected",
        "version": "< 7.2"
      },
      {
        "status": "affected",
        "version": "< 7.3"
      },
      {
        "status": "affected",
        "version": "< 7.31"
      },
      {
        "status": "affected",
        "version": "< 7.4"
      },
      {
        "status": "affected",
        "version": "< 7.5"
      }
    ]
  }
]