Unrated severityNVD Advisory· Published Mar 12, 2019· Updated Aug 4, 2024
CVE-2019-0270
CVE-2019-0270
Description
ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has been corrected in the following versions: KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.74, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, 7.74, 8.04, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73, 7.74, 7.75, 8.04.
Affected products
7- Range: KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.74, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, 7.74, 8.04, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73, 7.74, 7.75, 8.04
- SAP SE/ABAP Platform & Server (KERNEL)v5Range: < 7.21
- SAP SE/ABAP Platform & Server (KRNL32NUC)v5Range: < 7.21
- SAP SE/ABAP Platform & Server (KRNL32UC)v5Range: < 7.21
- SAP SE/ABAP Platform & Server (KRNL64NUC)v5Range: < 7.21
- SAP SE/ABAP Platform & Server (KRNL64UC)v5Range: < 7.21
Patches
Vulnerability mechanics
References
3- www.securityfocus.com/bid/107377mitrevdb-entryx_refsource_BID
- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.