CVE-2019-0355
published 2019-09-10CVE-2019-0355: SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0…
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01), allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sap | netweaver_application_server_java | — | — |
| sap | netweaver_application_server_java | — | — |
| sap | netweaver_application_server_java | — | — |
| sap | netweaver_application_server_java | — | — |
| sap | netweaver_application_server_java | — | — |
| sap | netweaver_application_server_java | — | — |
| sap_se | sap_netweaver_as_for_java_engineapi | < 7.10 | 7.10 |
| sap_se | sap_netweaver_as_for_java_engineapi | < 7.20 | 7.20 |
| sap_se | sap_netweaver_as_for_java_engineapi | < 7.30 | 7.30 |
| sap_se | sap_netweaver_as_for_java_engineapi | < 7.31 | 7.31 |
| sap_se | sap_netweaver_as_for_java_engineapi | < 7.40 | 7.40 |
| sap_se | sap_netweaver_as_for_java_engineapi | < 7.50 | 7.50 |
| sap_se | sap_netweaver_as_for_java_sap-jeecor | < 6.40 | 6.40 |
| sap_se | sap_netweaver_as_for_java_sap-jeecor | < 7.0 | 7.0 |
| sap_se | sap_netweaver_as_for_java_sap-jeecor | < 7.01 | 7.01 |