CVE-2019-0349

SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77, allows a user to execute Go to statement without possessing the authorization S_DEVELOP DEBUG 02, resulting in Missing Authorization Check
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
sapCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 58%
VendorProductVersion
sapadvanced_business_application_programming_platform_kernel
7.21
sapadvanced_business_application_programming_platform_kernel
7.21ext:ext
sapadvanced_business_application_programming_platform_kernel
7.22
sapadvanced_business_application_programming_platform_kernel
7.22ext:ext
sapadvanced_business_application_programming_platform_kernel
7.49
sapadvanced_business_application_programming_platform_kernel
7.53
sapadvanced_business_application_programming_platform_kernel
7.73
sapadvanced_business_application_programming_platform_kernel
7.75
sapadvanced_business_application_programming_platform_kernel
7.76
sapadvanced_business_application_programming_platform_kernel
7.77
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://launchpad.support.sap.com/#/notes/2798743
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017
https://launchpad.support.sap.com/#/notes/2798743
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017