PT-2019-5598 · Sap · Sap Netweaver Process Integration Runtime Workbench

Publicado

2019-09-10

Atualizado

2020-09-10

CVE-2019-0356

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Process Integration Runtime Workbench – MESSAGING and SAP XIAF versions prior to 7.31, 7.40, 7.50

Description The issue is related to a lack of protection for internal data in the MESSAGING and SAP XIAF components of SAP NetWeaver Process Integration. Under certain conditions, this allows an attacker to access restricted information. The exploitation of this issue can enable a remote attacker to disclose protected information.

Recommendations For versions prior to 7.31, update to version 7.31 or later. For versions prior to 7.40, update to version 7.40 or later. For versions prior to 7.50, update to version 7.50 or later.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

BDU:2020-04625

CVE-2019-0356

Produtos afetados

Sap Netweaver Process Integration Runtime Workbench

PT-2019-5598 · Sap · Sap Netweaver Process Integration Runtime Workbench

CVE-2019-0356

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5