CyberSec.Space Logo
返回 CVE 浏览器

CVE-2019-0261

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0430%
EPSS Percentile35.20th
Published2019年2月15日
Last Modified2024年11月21日

Vulnerability Description

Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack)).

Affected Platforms (CPE)

📦
Sap

Landscape Management

= 3.0

References & Advisories

🔗 http://www.securityfocus.com/bid/106986
🔗 https://launchpad.support.sap.com/#/notes/2742027
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943
🔗 http://www.securityfocus.com/bid/106986
🔗 https://launchpad.support.sap.com/#/notes/2742027
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943

相关漏洞威胁

CVE-2019-02497.5

Under certain conditions SAP Landscape Management (VCM 3.0) allows an attacker to access information which would otherwise be rest...

CVE-2020-61917.2

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privile...

CVE-2020-61927.2

SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious commands with root privileges...

CVE-2020-62367.2

SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker with admin_group privileges to...