Code Injection Vulnerability in SAP NetWeaver and SAP-JEECOR
CVE-2019-0355

7.2HIGH

Key Information:

Vendor: SAP
Status: SAP Netweaver As For Java (web Container)-engineapi; SAP Netweaver As For Java (web Container)-SAP-jeecor
Vendor: CVE Published:; 10 September 2019

What is CVE-2019-0355?

The vulnerability affects SAP NetWeaver Application Server Java Web Container and SAP-JEECOR, allowing unauthorized code injection. Attackers can exploit this weakness to execute arbitrary code within the application, potentially compromising application behavior and security. Users should ensure that they upgrade to supported versions to mitigate the risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

SAP NetWeaver AS for Java (Web Container)-ENGINEAPI < 7.10 < 7.10

SAP NetWeaver AS for Java (Web Container)-ENGINEAPI < 7.20 < 7.20

SAP NetWeaver AS for Java (Web Container)-ENGINEAPI < 7.30 < 7.30

References

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_CONFIRM

https://launchpad.support.sap.com/#/notes/2798336

x_refsource_MISC

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 10, 2019
Vulnerability Reserved
Nov 26, 2018

JSON

SAP

What is CVE-2019-0355?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.