Unrated severityNVD Advisory· Published Jul 10, 2019· Updated Aug 4, 2024

CVE-2019-0327

Description

SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.

Affected products

SAP/NetWeaver for Java Application Server - Web Containerllm-create
Range: 7.1 - 7.5
SAP SE/SAP NetWeaver for Java Application Server - Web Container (engineapi)v5
Range: < 7.1
SAP SE/SAP NetWeaver for Java Application Server - Web Container (servercode)v5
Range: < 7.2

Patches

Vulnerability mechanics

References

www.securityfocus.com/bid/109071mitrevdb-entryx_refsource_BID
launchpad.support.sap.commitrex_refsource_MISC
wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000