← back
CVE-2019-0312

CVE-2019-0312

EPSS 1.1%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 1.1%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
12 Jun 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Several web pages provided SAP NetWeaver Process Integration (versions: SAP_XIESR: 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP_XITOOL: 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50) are not password protected. An attacker could access landscape information like host names, ports or other technical data in the absence of restrictive firewall and port settings.
Affected products
SAP SE · SAP NetWeaver Process Integration(SAP_XIESR)SAP SE · SAP NetWeaver Process Integration(SAP_XITOOL)

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://launchpad.support.sap.com/#/notes/2744086https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=521864242