CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0312

Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP_XITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50) are not password protected. An attacker could access landscape information like host names, ports or other technical data in the absence of restrictive firewall and port settings.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.6%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

Products affected by CVE-2019-0312

Sap » Netweaver Process Integration » Version: 7.10

cpe:2.3:a:sap:netweaver_process_integration:7.10
Sap » Netweaver Process Integration » Version: 7.11

cpe:2.3:a:sap:netweaver_process_integration:7.11
Sap » Netweaver Process Integration » Version: 7.20

cpe:2.3:a:sap:netweaver_process_integration:7.20
Sap » Netweaver Process Integration » Version: 7.30

cpe:2.3:a:sap:netweaver_process_integration:7.30
Sap » Netweaver Process Integration » Version: 7.31

cpe:2.3:a:sap:netweaver_process_integration:7.31
Sap » Netweaver Process Integration » Version: 7.40

cpe:2.3:a:sap:netweaver_process_integration:7.40
Sap » Netweaver Process Integration » Version: 7.50

cpe:2.3:a:sap:netweaver_process_integration:7.50

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0312

Products

Pricing

Contact Us