PT-2019-11239 · Sap · Sap Enable Now

Published

2019-12-11

Updated

2019-12-17

CVE-2019-0405

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: SAP Enable Now versions prior to 1911

Description: The issue allows information leakage about the existence of a particular user, which can be utilized to create a list of users. This leads to a user enumeration issue and information disclosure.

Recommendations: For versions prior to 1911, update to version 1911 or later to resolve the issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2019-0405

Affected Products

Sap Enable Now

PT-2019-11239 · Sap · Sap Enable Now

CVE-2019-0405

Weakness Enumeration

Related Identifiers

Affected Products

References · 4