CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0278

Under certain conditions the Monitoring Servlet of the SAP NetWeaver Process Integration (Messaging System), fixed in versions 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to see the names of database tables used by the application, leading to information disclosure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 42.0%

CVSS Severity

CVSS v3 Score 4.3

CVSS v2 Score 4.0

References

Products affected by CVE-2019-0278

Sap » Netweaver Process Integration » Version: 7.10

cpe:2.3:a:sap:netweaver_process_integration:7.10
Sap » Netweaver Process Integration » Version: 7.11

cpe:2.3:a:sap:netweaver_process_integration:7.11
Sap » Netweaver Process Integration » Version: 7.20

cpe:2.3:a:sap:netweaver_process_integration:7.20
Sap » Netweaver Process Integration » Version: 7.30

cpe:2.3:a:sap:netweaver_process_integration:7.30
Sap » Netweaver Process Integration » Version: 7.31

cpe:2.3:a:sap:netweaver_process_integration:7.31
Sap » Netweaver Process Integration » Version: 7.40

cpe:2.3:a:sap:netweaver_process_integration:7.40
Sap » Netweaver Process Integration » Version: 7.50

cpe:2.3:a:sap:netweaver_process_integration:7.50

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0278

Products

Pricing

Contact Us