SAP Enable Now, before version 1911, leaks information about network configuration in the server error messages, leading to Information Disclosure.
References
Link | Resource |
---|---|
https://launchpad.support.sap.com/#/notes/2845183 | Permissions Required Vendor Advisory |
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=533660397 | Vendor Advisory |
Configurations
Information
Published : 2019-12-11 14:15
Updated : 2020-08-24 10:37
NVD link : CVE-2019-0404
Mitre link : CVE-2019-0404
JSON object : View
CWE
CWE-209
Generation of Error Message Containing Sensitive Information
Products Affected
sap
- enable_now