Unrated severityCISA KEVNVD Advisory· Published Aug 14, 2019· Updated Oct 21, 2025
CVE-2019-0344
CVE-2019-0344
Description
Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection.
Affected products
1- SAP SE/SAP Commerce Cloud (virtualjdbc extension)v5Range: < 6.4
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- launchpad.support.sap.commitrex_refsource_MISC
- wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.