Vulnerability Details CVE-2019-0389
An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2019-0389
-
cpe:2.3:a:sap:netweaver_application_server_java:7.1
-
cpe:2.3:a:sap:netweaver_application_server_java:7.2
-
cpe:2.3:a:sap:netweaver_application_server_java:7.3
-
cpe:2.3:a:sap:netweaver_application_server_java:7.31
-
cpe:2.3:a:sap:netweaver_application_server_java:7.4
-
cpe:2.3:a:sap:netweaver_application_server_java:7.5