File Upload Vulnerability in SAP NetWeaver for Java Application Server
CVE-2019-0327
7.2HIGH
Key Information:
- Vendor
SAP
- Status
- Vendor
- CVE Published:
- 10 July 2019
What is CVE-2019-0327?
The vulnerability in SAP NetWeaver for Java Application Server's web container and server code allows attackers to upload files, including harmful script files, due to inadequate validation of file formats. This susceptibility could be exploited to execute arbitrary code on the server, posing a significant risk to the integrity and functionality of affected applications.
Affected Version(s)
SAP NetWeaver for Java Application Server - Web Container (engineapi) < 7.1 < 7.1
SAP NetWeaver for Java Application Server - Web Container (engineapi) < 7.2 < 7.2
SAP NetWeaver for Java Application Server - Web Container (engineapi) < 7.3 < 7.3