CVE-2019-0257
published 2019-02-15CVE-2019-0257: Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from…
high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | — | — |
| sap | netweaver_application_server_abap | 7.0 – 7.02 | — |
| sap | netweaver_application_server_abap | 7.50 – 7.53 | — |
| sap | netweaver_as_abap | 7.10 – 7.11 | — |
| sap | netweaver_as_abap | 7.74 – 7.75 | — |
| sap_se | abap_platform | < from 7.0 to 7.02 | from 7.0 to 7.02 |
| sap_se | abap_platform | < from 7.10 to 7.11 | from 7.10 to 7.11 |
| sap_se | abap_platform | < 7.30 | 7.30 |
| sap_se | abap_platform | < 7.31 | 7.31 |
| sap_se | abap_platform | < 7.40 | 7.40 |
| sap_se | abap_platform | < from 7.50 to 7.53 | from 7.50 to 7.53 |
| sap_se | abap_platform | < from 7.74 to 7.75 | from 7.74 to 7.75 |