Privilege Escalation in SAP NetWeaver Application Server Java
CVE-2019-0389
8.8HIGH
Key Information:
- Vendor
SAP
- Vendor
- CVE Published:
- 13 November 2019
What is CVE-2019-0389?
A privilege escalation vulnerability exists in the SAP NetWeaver Application Server Java, where an administrator can inadvertently change privileges for all or specific functions within the Java Server framework. This can lead to unauthorized users gaining access to execute critical functions that they would otherwise be restricted from performing, posing significant security risks.
Affected Version(s)
SAP NetWeaver Application Server Java (J2EE-Framework) < 7.1 < 7.1
SAP NetWeaver Application Server Java (J2EE-Framework) < 7.2 < 7.2
SAP NetWeaver Application Server Java (J2EE-Framework) < 7.3 < 7.3