VYPR
Unrated severityNVD Advisory· Published Aug 14, 2019· Updated Aug 4, 2024

CVE-2019-0340

CVE-2019-0340

Description

The XML parser, which is being used by SAP Enable Now, before version 1902, has not been hardened correctly, leading to Missing XML Validation vulnerability. This issue affects the file upload at multiple locations. An attacker can read local XXE files.

Affected products

2
  • SAP/Enable Nowllm-fuzzy
    Range: <1902
  • SAP SE/SAP Enable Nowv5
    Range: < 1902

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.