CVE-2019-0312

Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP_XITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50) are not password protected. An attacker could access landscape information like host names, ports or other technical data in the absence of restrictive firewall and port settings.
References
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:sap:netweaver_process_integration:7.50:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_process_integration:7.20:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_process_integration:7.10:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_process_integration:7.11:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_process_integration:7.30:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_process_integration:7.31:*:*:*:*:*:*:*
cpe:2.3:a:sap:netweaver_process_integration:7.40:*:*:*:*:*:*:*

Information

Published : 2019-06-12 10:29

Updated : 2020-08-24 10:37


NVD link : CVE-2019-0312

Mitre link : CVE-2019-0312


JSON object : View

CWE
CWE-306

Missing Authentication for Critical Function

Advertisement

dedicated server usa

Products Affected

sap

  • netweaver_process_integration