Unrated severityNVD Advisory· Published Feb 15, 2019· Updated Aug 4, 2024
CVE-2019-0267
CVE-2019-0267
Description
SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet) currently does not provide Anti-XSRF tokens. This might lead to XSRF attacks in case the data is being posted to the Servlet from an external application.
Affected products
2- Range: <=15.2
- SAP SE/SAP Manufacturing Integration and Intelligencev5Range: < 15.0
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/106990mitrevdb-entryx_refsource_BID
- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.