CyberSec.Space Logo
Back to CVE Browser

CVE-2019-0380

MEDIUM
4.9
CVSS Severity Score
EPSS Score0.1850%
EPSS Percentile33.41th
PublishedOct 8, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

Under certain conditions, SAP Landscape Management enterprise edition, before version 3.0, allows custom secure parameters’ default values to be part of the application logs leading to Information Disclosure.

Affected Platforms (CPE)

📦
Sap

Landscape Management

= 3.0

References & Advisories

🔗 https://launchpad.support.sap.com/#/notes/2828682
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050
🔗 https://launchpad.support.sap.com/#/notes/2828682
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050

Related Vulnerabilities

CVE-2019-02497.5

Under certain conditions SAP Landscape Management (VCM 3.0) allows an attacker to access information which would otherwise be rest...

CVE-2020-61917.2

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privile...

CVE-2020-61927.2

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious commands with root privileges...

CVE-2020-62367.2

SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to...