CVE-2019-0343
published 2019-08-14CVE-2019-0343: SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, allows an authenticated Backoffice/HMC user to inject code that…
high8.8CVSS 3.0
AVNACLPRLUINSUCHIHAH
SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, allows an authenticated Backoffice/HMC user to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application.
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | commerce_cloud | — | — |
| sap | commerce_cloud | — | — |
| sap | commerce_cloud | — | — |
| sap | commerce_cloud | — | — |
| sap | commerce_cloud | — | — |
| sap | commerce_cloud | — | — |
| sap | commerce_cloud | — | — |
| sap_se | sap_commerce_cloud | < 6.4 | 6.4 |
| sap_se | sap_commerce_cloud | < 6.5 | 6.5 |
| sap_se | sap_commerce_cloud | < 6.6 | 6.6 |
| sap_se | sap_commerce_cloud | < 6.7 | 6.7 |
| sap_se | sap_commerce_cloud | < 1808 | 1808 |
| sap_se | sap_commerce_cloud | < 1811 | 1811 |
| sap_se | sap_commerce_cloud | < 1905 | 1905 |