Unrated severityNVD Advisory· Published Sep 10, 2019· Updated Aug 4, 2024

CVE-2019-0355

Description

SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (before versions 6.40, 7.0, 7.01), allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application.

Affected products

SAP/ENGINEAPIllm-create
Range: <7.50
SAP/SAP-JEECORllm-create
Range: <7.01
SAP/NetWeaver for Java Application Server - Web Containerllm-fuzzy
Range: <7.50
SAP SE/SAP NetWeaver AS for Java (Web Container)-ENGINEAPIv5
Range: < 7.10
SAP SE/SAP NetWeaver AS for Java (Web Container)-SAP-JEECORv5
Range: < 6.40

Patches

Vulnerability mechanics

References

launchpad.support.sap.commitrex_refsource_MISC
wiki.scn.sap.com/wiki/pages/viewpage.actionmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000