CVE-2019-0255

SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, Kernel 7.73, 7.74, 7.75, fails to validate type of installation for an ABAP Server system correctly. That behavior may lead to situation, where business user achieves access to the full SAP Menu, that is 'Easy Access Menu'. The situation can be misused by any user to leverage privileges to business functionality.
References
Configurations

Configuration 1

cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.73:*:*:*:*:*:*:*
cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.75.:*:*:*:*:*:*:*
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64uc:7.73:*:*:*:*:*:*:*
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64uc:7.74:*:*:*:*:*:*:*
cpe:2.3:a:sap:advanced_business_application_programming_platform_kernel:7.74:*:*:*:*:*:*:*
cpe:2.3:a:sap:advanced_business_application_programming_platform_krnl64nuc:7.74:*:*:*:*:*:*:*

Information

Published : 2019-02-15 06:29

Updated : 2019-02-22 07:58


NVD link : CVE-2019-0255

Mitre link : CVE-2019-0255

CWE