CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-0267

HIGH
8.8
CVSS Severity Score
EPSS Score0.0340%
EPSS Percentile20.53th
Published2019年2月15日
Last Modified2024年11月21日

Vulnerability Description

SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet) currently does not provide Anti-XSRF tokens. This might lead to XSRF attacks in case the data is being posted to the Servlet from an external application.

Affected Platforms (CPE)

📦
Sap

Manufacturing Integration And Intelligence

= 15.0
📦
Sap

Manufacturing Integration And Intelligence

= 15.1
📦
Sap

Manufacturing Integration And Intelligence

= 15.2

References & Advisories

🔗 http://www.securityfocus.com/bid/106990
🔗 https://launchpad.support.sap.com/#/notes/2686535
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943
🔗 http://www.securityfocus.com/bid/106990
🔗 https://launchpad.support.sap.com/#/notes/2686535
🔗 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=510922943

相關漏洞威脅

CVE-2016-23897.5

Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) compone...

CVE-2016-40166.1

Cross-site scripting (XSS) vulnerability in SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) 15 allows remo...

CVE-2015-83295.0

SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attack...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...