PT-2019-2025 · Sap · Sap Netweaver
Publicado
2019-02-12
·
Atualizado
2019-03-13
·
CVE-2019-0265
CVSS v2.0
7.7
Alta
| Vetor | AV:N/AC:L/Au:M/C:C/I:N/A:C |
Name of the Vulnerable Software and Affected Versions
SAP NetWeaver versions prior to 7.21EXT
SAP NetWeaver versions 7.21 through 7.22
SAP NetWeaver version 7.49
SAP NetWeaver version 7.53
SAP NetWeaver version 7.73
SAP NetWeaver version 7.75
Description
The issue is related to errors in processing external XML objects when analyzing an XML file, which can lead to a denial of service. An attacker can exploit this by sending a specially crafted request, potentially causing the service to crash or become unavailable.
Recommendations
For versions prior to 7.21EXT, update to version 7.21EXT or later.
For versions 7.21 through 7.22, update to version 7.22EXT or later.
For version 7.49, update to a later version.
For version 7.53, update to a later version.
For version 7.73, update to a later version.
For version 7.75, update to a later version.
Correção
XXE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Sap Netweaver