PT-2019-11224 · Sap · Sap Netweaver As For Abap/Abap Platform

Published

2019-06-12

Updated

2021-07-21

CVE-2019-0304

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Platform versions 7.21 through 7.73

Description: The issue allows an attacker to inject code or specifically manipulated commands that can be executed by the application, potentially controlling the application's behavior.

Recommendations: For SAP NetWeaver AS ABAP Platform versions 7.21 through 7.73, update to a version that includes the fix for this issue to prevent code injection and command manipulation.

Fix

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-74

Related Identifiers

CVE-2019-0304

Affected Products

Sap Netweaver As For Abap/Abap Platform

PT-2019-11224 · Sap · Sap Netweaver As For Abap/Abap Platform

CVE-2019-0304

Weakness Enumeration

Related Identifiers

Affected Products

References · 4