VYPR
Unrated severityNVD Advisory· Published Aug 14, 2019· Updated Aug 4, 2024

CVE-2019-0338

CVE-2019-0338

Description

During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, 753, the HTTP Header attributes cache-control and pragma were not properly set, allowing an attacker to access restricted information, resulting in Information Disclosure.

Affected products

2
  • SAP/SAP Gatewayllm-fuzzy
    Range: 750, 751, 752, 753
  • SAP SE/SAP Gatewayv5
    Range: < 750

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.