| |
Vulnerability CVE-2019-0367
Published: 2019-10-08
| Description: |
SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 and 2.0, does not perform necessary authorization checks for an authenticated user, allowing the import of B2B table content that leads to Missing Authorization Check. |
Type:
CWE-862 (Missing Authorization)
CVSS2 => (AV:N/AC:L/Au:S/C:N/I:P/A:N)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4/10 |
2.9/10 |
8/10 |
| Exploit range |
Attack complexity |
Authentication |
Remote |
Low |
Single time |
| Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
https://launchpad.support.sap.com/#/notes/2805777
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
