CVE-2019-0327
10.07.2019, 20:15
SAP NetWeaver for Java Application Server - Web Container, (engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5), (servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5), allows an attacker to upload files (including script files) without proper file format validation.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| sap | netweaver_application_server_java | 7.10 |
| sap | netweaver_application_server_java | 7.20 |
| sap | netweaver_application_server_java | 7.30 |
| sap | netweaver_application_server_java | 7.31 |
| sap | netweaver_application_server_java | 7.40 |
| sap | netweaver_application_server_java | 7.50 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References