CVE-2019-0390

EUVD-2019-1163
Under certain conditions SAP Data Hub (corrected in DH_Foundation version 2) allows an attacker to access information which would otherwise be restricted. Connection details that are maintained in Connection Manager are visible to users.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
4.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 53%
Affected Products (NVD)
VendorProductVersion
sapdiagnostics_agent
7.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://launchpad.support.sap.com/#/notes/2842034
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390
https://launchpad.support.sap.com/#/notes/2842034
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390