CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0255

SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, Kernel 7.73, 7.74, 7.75, fails to validate type of installation for an ABAP Server system correctly. That behavior may lead to situation, where business user achieves access to the full SAP Menu, that is 'Easy Access Menu'. The situation can be misused by any user to leverage privileges to business functionality.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 58.5%

CVSS Severity

CVSS v3 Score 8.1

CVSS v2 Score 5.5

References

Products affected by CVE-2019-0255

Sap » Advanced Business Application Programming Platform Kernel » Version: 7.73

cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.73
Sap » Advanced Business Application Programming Platform Kernel » Version: 7.74

cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.74
Sap » Advanced Business Application Programming Platform Kernel » Version: 7.75.

cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.75.
Sap » Advanced Business Application Programming Platform Krnl64nuc » Version: 7.74

cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64nuc:7.74
Sap » Advanced Business Application Programming Platform Krnl64uc » Version: 7.73

cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64uc:7.73
Sap » Advanced Business Application Programming Platform Krnl64uc » Version: 7.74

cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64uc:7.74

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0255

Products

Pricing

Contact Us