CVE-2019-0367

EUVD-2019-1140
SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 and 2.0, does not perform necessary authorization checks for an authenticated user, allowing the import of B2B table content that leads to Missing Authorization Check.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
Affected Products (NVD)
VendorProductVersion
sapnetweaver_process_integration
1.0
sapnetweaver_process_integration
2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://launchpad.support.sap.com/#/notes/2805777
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050
https://launchpad.support.sap.com/#/notes/2805777
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050