CyberSec.Space Logo
Back to CVE Browser

CVE-2019-0261

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0430%
EPSS Percentile35.20th
PublishedFeb 15, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack)).

Affected Platforms (CPE)

πŸ“¦
Sap

Landscape Management

= 3.0

References & Advisories

πŸ”— http://www.securityfocus.com/bid/106986
πŸ”— https://launchpad.support.sap.com/#/notes/2742027
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943
πŸ”— http://www.securityfocus.com/bid/106986
πŸ”— https://launchpad.support.sap.com/#/notes/2742027
πŸ”— https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943

Related Vulnerabilities

CVE-2019-02497.5

Under certain conditions SAP Landscape Management (VCM 3.0) allows an attacker to access information which would otherwise be rest...

CVE-2020-61917.2

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privile...

CVE-2020-61927.2

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious commands with root privileges...

CVE-2020-62367.2

SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to...