Vulnerability Details CVE-2019-0399
SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500_702, 600_740, 610_740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 55.0%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2019-0399
-
cpe:2.3:a:sap:portfolio_and_project_management:cprxrpm_500_702
-
cpe:2.3:a:sap:portfolio_and_project_management:cprxrpm_600_740
-
cpe:2.3:a:sap:portfolio_and_project_management:cprxrpm_610_740
-
cpe:2.3:a:sap:portfolio_and_project_management:eppm_100
-
cpe:2.3:a:sap:portfolio_and_project_management:s4core_102
-
cpe:2.3:a:sap:portfolio_and_project_management:s4core_103