CVE-2019-0388

SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51, 7.52, 7.53, 7.54 and SAP UI_700 version 2.0) allows an attacker to manipulate content due to insufficient URL validation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
sapCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 48%
VendorProductVersion
sapui
2.0
sapui
7.5
sapui
7.51
sapui
7.52
sapui
7.53
sapui
7.54
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://launchpad.support.sap.com/#/notes/2843016
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390
https://launchpad.support.sap.com/#/notes/2843016
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390