CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-0293

Read of RFC destination does not always perform necessary authorization checks, resulting in escalation of privileges to access information on RFC destinations on managed systems and SAP Solution Manager system (ST-PI, before versions 2008_1_700, 2008_1_710, and 740).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.0%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

http://www.securityfocus.com/bid/108324
https://launchpad.support.sap.com/#/notes/2756625
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032
http://www.securityfocus.com/bid/108324
https://launchpad.support.sap.com/#/notes/2756625
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032

Products affected by CVE-2019-0293

Sap » Sap Solution Manager System » Version: 2008_1_700

cpe:2.3:a:sap:sap_solution_manager_system:2008_1_700
Sap » Sap Solution Manager System » Version: 2008_1_710

cpe:2.3:a:sap:sap_solution_manager_system:2008_1_710
Sap » Sap Solution Manager System » Version: 2008_1_740

cpe:2.3:a:sap:sap_solution_manager_system:2008_1_740

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0293

Products

Pricing

Contact Us