CVE-2019-0380

CWE-532Log File Information Exposure3 documents3 sources
Severity
4.9MEDIUM
EPSS
0.3%
top 45.13%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
SAP SE SAP Landscape Management Enterprise EditionSAP Landscape Management
Timeline
PublishedOct 8
Latest updateMay 24

Description

Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters’ default values to be part of the application logs leading to Information Disclosure.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 1.2 | Impact: 3.6

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-5q4m-vww4-2rhm: Under certain conditions, SAP Landscape Management enterprise edition, before version 32022-05-24
CVEList
CVE-2019-0380: Under certain conditions, SAP Landscape Management enterprise edition, before version 32019-10-08
CVE-2019-0380 (MEDIUM CVSS 4.9) | Under certain conditions | cvebase.io