Missing Authorization Check in SAP NetWeaver Process Integration by SAP
CVE-2019-0367
4.3MEDIUM
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 8 October 2019
What is CVE-2019-0367?
SAP NetWeaver Process Integration (B2B Toolkit) prior to versions 1.0 and 2.0 is susceptible to a vulnerability due to inadequate authorization checks for authenticated users. This flaw allows attackers to import B2B table content without proper clearance, potentially compromising system integrity and access controls. Organizations using affected versions should investigate and apply the necessary updates to mitigate this risk.
Affected Version(s)
SAP NetWeaver Process Integration (B2B Toolkit) < 1.0 < 1.0
SAP NetWeaver Process Integration (B2B Toolkit) < 2.0 < 2.0