Missing Authorization Check in SAP Kernel's ABAP Debugger
CVE-2019-0349
7.2HIGH
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 14 August 2019
What is CVE-2019-0349?
A vulnerability exists in the SAP Kernel (ABAP Debugger) that allows users to execute 'Go to statement' commands without the required authorization S_DEVELOP DEBUG 02. This oversight in authorization checks can lead to unauthorized access to sensitive debugging features, potentially facilitating further exploitation within the system.
Affected Version(s)
SAP Kernel (KERNEL) < 7.21 < 7.21
SAP Kernel (KERNEL) < 7.49 < 7.49
SAP Kernel (KERNEL) < 7.53 < 7.53