CVE-2019-0318 Information

Description

Under certain conditions SAP NetWeaver Application Server for Java (Startup Framework) versions 7.21 7.22 7.45 7.49 and 7.53 allows an attacker to access information which would otherwise be restricted.

CVSS Vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Reference

http://www.securityfocus.com/bid/109069 https://launchpad.support.sap.com//notes/2738791 https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523994575

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

NONE

Base Severity

5.3