CVE-2019-0328

ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. An attacker could thereby impact the integrity and availability of the system.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
sapCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 76%
VendorProductVersion
sapnetweaver_process_integration
7.0
sapnetweaver_process_integration
7.1
sapnetweaver_process_integration
7.3
sapnetweaver_process_integration
7.4
sapnetweaver_process_integration
7.5
sapnetweaver_process_integration
7.31
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/109067
https://launchpad.support.sap.com/#/notes/2774489
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575
http://www.securityfocus.com/bid/109067
https://launchpad.support.sap.com/#/notes/2774489
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575