CVE-2019-0367

SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 and 2.0, does not perform necessary authorization checks for an authenticated user, allowing the import of B2B table content that leads to Missing Authorization Check.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
sapCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 39%
VendorProductVersion
sapnetweaver_process_integration
1.0
sapnetweaver_process_integration
2.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://launchpad.support.sap.com/#/notes/2805777
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050
https://launchpad.support.sap.com/#/notes/2805777
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050