CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0343

SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, allows an authenticated Backoffice/HMC user to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 68.7%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2019-0343

Sap » Commerce Cloud » Version: 1808

cpe:2.3:a:sap:commerce_cloud:1808
Sap » Commerce Cloud » Version: 1811

cpe:2.3:a:sap:commerce_cloud:1811
Sap » Commerce Cloud » Version: 1905

cpe:2.3:a:sap:commerce_cloud:1905
Sap » Commerce Cloud » Version: 6.4

cpe:2.3:a:sap:commerce_cloud:6.4
Sap » Commerce Cloud » Version: 6.5

cpe:2.3:a:sap:commerce_cloud:6.5
Sap » Commerce Cloud » Version: 6.6

cpe:2.3:a:sap:commerce_cloud:6.6
Sap » Commerce Cloud » Version: 6.7

cpe:2.3:a:sap:commerce_cloud:6.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0343

Products

Pricing

Contact Us