Home

CVE-2019-0257

Description

Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.565

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2019-0257 are affected in SAP NetWeaver Application Server ABAP 7.02Windows
Vulnerabilities CVE-2019-0257 are affected in SAP NetWeaver Application Server ABAP 7.30Windows
Vulnerabilities CVE-2019-0257,CVE-2019-0321 are affected in SAP NetWeaver Application Server ABAP 7.31Windows
Vulnerabilities CVE-2019-0257 are affected in SAP NetWeaver Application Server ABAP 7.40Windows
Multiple Vulnerabilities are affected in SAP NetWeaver Application Server ABAP 7.53Windows
Vulnerabilities CVE-2019-0257 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.30Windows
Vulnerabilities CVE-2019-0257 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.31Windows
Vulnerabilities CVE-2019-0257 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.40Windows
Vulnerabilities CVE-2019-0257,CVE-2019-0321 are affected in SAP NetWeaver and ABAP platform (ST-PI) 7.31Windows

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234