CVE-2019-0389
CVE-2019-0389
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 1.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
13 Nov 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An administrator of SAP NetWeaver Application Server Java (J2EE-Framework), (corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5), may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise.
Affected products
SAP SE · SAP NetWeaver Application Server Java (J2EE-Framework)Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →