Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
References
Link | Resource |
---|---|
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943 | Broken Link Vendor Advisory |
https://launchpad.support.sap.com/#/notes/2728839 | Permissions Required Vendor Advisory |
http://www.securityfocus.com/bid/106999 | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
Information
Published : 2019-02-15 10:29
Updated : 2022-10-05 07:17
NVD link : CVE-2019-0257
Mitre link : CVE-2019-0257
JSON object : View
CWE
CWE-862
Missing Authorization
Products Affected
sap
- netweaver_as_abap
- netweaver_application_server_abap