CVE-2019-0293

Read of RFC destination does not always perform necessary authorization checks, resulting in escalation of privileges to access information on RFC destinations on managed systems and SAP Solution Manager system (ST-PI, before versions 2008_1_700, 2008_1_710, and 740).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
sapCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 46%
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/108324
https://launchpad.support.sap.com/#/notes/2756625
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032
http://www.securityfocus.com/bid/108324
https://launchpad.support.sap.com/#/notes/2756625
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=520259032