CVE-2019-0293

Name of the Vulnerable Software and Affected Versions: SAP Solution Manager system (ST-PI) versions prior to 2008 1 700 SAP Solution Manager system (ST-PI) versions prior to 2008 1 710 SAP Solution Manager system (ST-PI) version prior to 740

Description: The issue is related to the read of RFC destination, which does not always perform necessary authorization checks. This results in escalation of privileges to access information on RFC destinations on managed systems and the SAP Solution Manager system.

Recommendations: For SAP Solution Manager system (ST-PI) versions prior to 2008 1 700, update to version 2008 1 700 or later. For SAP Solution Manager system (ST-PI) versions prior to 2008 1 710, update to version 2008 1 710 or later. For SAP Solution Manager system (ST-PI) version prior to 740, update to version 740 or later.