PT-2019-4580 · Sap · Sap Work Manager+1

Published

2019-06-12

Updated

2020-08-24

CVE-2019-0314

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions SAP Work Manager versions 6.3 through 6.5 SAP Inventory Manager version 4.3

Description The issue is related to inadequate access control in the SAP Work Manager and SAP Inventory Manager applications, which can be exploited to cause a denial of service. This could allow an attacker to prevent legitimate users from accessing a service by crashing or flooding it.

Recommendations For SAP Work Manager versions 6.3 through 6.5, update to a version that addresses the access control issue. For SAP Inventory Manager version 4.3, update to a version that addresses the access control issue. As a temporary workaround, consider restricting access to the service to minimize the risk of exploitation.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

BDU:2020-00640

CVE-2019-0314

Affected Products

Wp Inventory Manager

Sap Work Manager

PT-2019-4580 · Sap · Sap Work Manager+1

CVE-2019-0314

Weakness Enumeration

Related Identifiers

Affected Products

References · 6