Vulnerability Details CVE-2019-0304
FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73, allows an attacker to inject code or specifically manipulated command that can be executed by the application. An attacker could thereby control the behaviour of the application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 68.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2019-0304
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.21
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.45
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.49
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.53
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.73
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl32nuc:7.21
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl32nuc:7.21ext
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl32nuc:7.22
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl32nuc:7.22ext
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl32uc:7.21
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl32uc:7.21ext
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl32uc:7.22
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl32uc:7.22ext
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64nuc:7.21
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64nuc:7.21ext
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64nuc:7.22
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64nuc:7.22ext
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64nuc:7.49
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64uc:7.21
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64uc:7.21ext
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64uc:7.22
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64uc:7.22ext
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64uc:7.49
-
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64uc:7.73