CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2019-0338

During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, 753, the HTTP Header attributes cache-control and pragma were not properly set, allowing an attacker to access restricted information, resulting in Information Disclosure.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 43.0%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://launchpad.support.sap.com/#/notes/2793351
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017
https://launchpad.support.sap.com/#/notes/2793351
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017

Products affected by CVE-2019-0338

Sap » Gateway » Version: 750

cpe:2.3:a:sap:gateway:750
Sap » Gateway » Version: 751

cpe:2.3:a:sap:gateway:751
Sap » Gateway » Version: 752

cpe:2.3:a:sap:gateway:752
Sap » Gateway » Version: 753

cpe:2.3:a:sap:gateway:753

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0338

Products

Pricing

Contact Us