CVE-2019-0402

4 documents4 sources

Severity

4.4MEDIUM

EPSS

0.1%

top 84.46%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP Adaptive Server Enterprise SAP SE SAP Adaptive Server Enterprise

Timeline

PublishedDec 11

Latest updateMay 24

Description

SAP Adaptive Server Enterprise, before versions 15.7 and 16.0, under certain conditions exposes some sensitive information to the admin, leading to Information Disclosure.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:NExploitability: 0.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5sap_se/sap_adaptive_server_enterprisebefore 15.7 and 16.0

▶NVDsap/adaptive< 15.7+1

Patches

Patch: wiki.scn.sap.com ↗Patch: wiki.scn.sap.com ↗

🔴Vulnerability Details

GHSA

GHSA-4w5w-4c66-6rx9: SAP Adaptive Server Enterprise, before versions 15↗2022-05-24

▶

CVEList

CVE-2019-0402: SAP Adaptive Server Enterprise, before versions 15↗2019-12-11

▶

💬Community

Bugzilla

CVE-2019-8955 tor: memory exhaustion in the KIST cell scheduler resulting in denial of service↗2019-02-22

▶