CVE-2019-0248

3 documents3 sources

Severity

5.9MEDIUM

EPSS

0.3%

top 42.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP SE SAP Gateway OF Abap Application Server(sap Basis)SAP SE SAP Gateway OF Abap Application Server(sap Gwfnd)SAP Basis +1 more

Timeline

PublishedJan 8

Latest updateMay 13

Description

Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5sap_se/sap_gateway_of_abap_application_server(sap_basis)< 7.5

▶CVEListV5sap_se/sap_gateway_of_abap_application_server(sap_gwfnd)< 7.5+3

▶NVDsap/basis7.5

▶NVDsap/netweaver4 versions+3

🔴Vulnerability Details

GHSA

GHSA-x7v6-r6c2-98v3: Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7↗2022-05-13

▶

CVEList

CVE-2019-0248: Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7↗2019-01-08

▶