CVE-2019-0391 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2019-0391

CWE

https://cwe.mitre.org/data/definitions/.html

Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) allows an attacker to access information which would otherwise be restricted.

Affected Software

Name	Vendor	Start Version	End Version
Netweaver_application_server_java	Sap	7.10 (including)	7.10 (including)
Netweaver_application_server_java	Sap	7.20 (including)	7.20 (including)
Netweaver_application_server_java	Sap	7.30 (including)	7.30 (including)
Netweaver_application_server_java	Sap	7.31 (including)	7.31 (including)
Netweaver_application_server_java	Sap	7.40 (including)	7.40 (including)
Netweaver_application_server_java	Sap	7.50 (including)	7.50 (including)

References

https://launchpad.support.sap.com/#/notes/2835226
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390
https://launchpad.support.sap.com/#/notes/2835226
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528880390