CVE-2019-0318

3 documents3 sources

Severity

5.3MEDIUM

EPSS

0.3%

top 43.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP SE SAP Netweaver Application Server FOR Java (startup Framework)SAP Netweaver Application Server Java

Timeline

PublishedJul 10

Latest updateMay 24

Description

Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework), versions 7.21, 7.22, 7.45, 7.49, and 7.53, allows an attacker to access information which would otherwise be restricted.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5sap_se/sap_netweaver_application_server_for_java_(startup_framework)< 7.21+4

▶NVDsap/netweaver_application5 versions+4

🔴Vulnerability Details

GHSA

GHSA-747g-w968-634p: Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework), versions 7↗2022-05-24

▶

CVEList

CVE-2019-0318: Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework), versions 7↗2019-07-10

▶