Skip links
RedRays
Published in: sap note

CVE-2019-0248 Information Disclosure in SAP Gateway of ABAP Application Server, SAP security note 2723142

Author
Published on:

Description

Under certain conditions SAP Gateway of ABAP Application Server allows an attacker to access information which would otherwise be restricted.

Some well-known impacts of Information Disclosure are –

  • loss of information and system configuration confidentiality
  • information gathering for further exploits and attacks 

Available fix and Supported packages

  • SAP_GWFND | 750 | 750
  • SAP_GWFND | 751 | 751
  • SAP_GWFND | 752 | 752
  • SAP_GWFND | 753 | 753
  • SAP_BASIS | 750 | 753
  • SAP_GWFND 750 | SAPK-75014INSAPGWFND |
  • SAP_GWFND 751 | SAPK-75108INSAPGWFND |
  • SAP_GWFND 752 | SAPK-75204INSAPGWFND |
  • SAP_GWFND 753 | SAPK-75302INSAPGWFND |

Affected component

    OPU-GW-COR
    Framework

CVSS

Score: 4.3
CVSS:/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploit

Exploit is not available.
For detailed information please contact the mail [email protected]

URL

https://launchpad.support.sap.com/#/notes/2723142

TAGS

#Information-Exposure
#Information-Leak
#&160-CVE-2019-0248

You may also like