Code Injection Vulnerability in SAP NetWeaver AS ABAP Platform
CVE-2019-0304
9.8CRITICAL
Key Information:
- Vendor
SAP
- Status
- Vendor
- CVE Published:
- 12 June 2019
What is CVE-2019-0304?
The FTP function in SAP NetWeaver AS ABAP Platform allows an attacker to inject malicious code or manipulate commands, leading to unauthorized influence over application behavior. Multiple versions are affected, potentially exposing sensitive operations and presenting risks to overall system integrity.
Affected Version(s)
SAP NetWeaver AS ABAP Platform(KERNEL) < 7.21 < 7.21
SAP NetWeaver AS ABAP Platform(KERNEL) < 7.45 < 7.45
SAP NetWeaver AS ABAP Platform(KERNEL) < 7.49 < 7.49