CVE-2019-0327
published 2019-07-10CVE-2019-0327: SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4…
high7.2CVSS 3.0
AVNACLPRHUINSUCHIHAH
SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | netweaver_application_server_java | — | — |
| sap | netweaver_application_server_java | — | — |
| sap | netweaver_application_server_java | — | — |
| sap | netweaver_application_server_java | — | — |
| sap | netweaver_application_server_java | — | — |
| sap | netweaver_application_server_java | — | — |
| sap_se | sap_netweaver_for_java_application_server_web_container | < 7.1 | 7.1 |
| sap_se | sap_netweaver_for_java_application_server_web_container | < 7.2 | 7.2 |
| sap_se | sap_netweaver_for_java_application_server_web_container | < 7.3 | 7.3 |
| sap_se | sap_netweaver_for_java_application_server_web_container | < 7.31 | 7.31 |
| sap_se | sap_netweaver_for_java_application_server_web_container | < 7.4 | 7.4 |
| sap_se | sap_netweaver_for_java_application_server_web_container | < 7.5 | 7.5 |