| |
Vulnerability CVE-2019-0328
Published: 2019-07-10
| Description: |
ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. An attacker could thereby impact the integrity and availability of the system. |
Type:
CWE-78 (Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
)
CVSS2 => (AV:N/AC:L/Au:S/C:C/I:C/A:C)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
9/10 |
10/10 |
8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
Complete |
Complete |
Complete |
References: |
http://www.securityfocus.com/bid/109067
https://launchpad.support.sap.com/#/notes/2774489
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
