Access Control Vulnerability in SAP Solution Manager 7.2
CVE-2019-0291

5.5MEDIUM

Key Information:

Vendor
SAP
Status
SAP Solution Manager
Vendor
CVE Published:
14 May 2019

Summary

In SAP Solution Manager 7.2, under specific conditions, a vulnerability exists that permits an attacker to gain access to restricted information. This can occur if certain security controls are not properly configured, potentially exposing sensitive data to unauthorized users.

Affected Version(s)

SAP Solution Manager < 7.2

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...
x_refsource_MISC
https://launchpad.support.sap.com/#/notes/2748699
x_refsource_MISC
http://www.securityfocus.com/bid/108313
vdb-entryx_refsource_BID

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.