CVE-2019-0399

SAP Portfolio and Project Management, before versions S4CORE 102, 103, EPPM 100 and CPRXRPM 500_702, 600_740, 610_740; unintentionally allows a user to discover accounting information of the Projects in Project dashboard, leading to Information Disclosure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.5 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
sapCNA
---
---
CVEADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
References
https://launchpad.support.sap.com/#/notes/2803554
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=533660397
https://launchpad.support.sap.com/#/notes/2803554
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=533660397