PT-2019-11237 · Sap · Sap Enable Now

Published

2019-12-11

Updated

2020-08-24

CVE-2019-0403

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: SAP Enable Now versions prior to 1911

Description: The issue allows an attacker to input commands into the CSV files, which will be executed when opened, leading to CSV Command Injection.

Recommendations: For versions prior to 1911, update to version 1911 or later to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2019-0403

Sap Enable Now